{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","type":"deb","namespace":"debian","name":"icedove","version":"1:45.8.0-3~deb8u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51547?format=json","vulnerability_id":"VCID-3cbn-278y-hkah","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7784","reference_id":"","reference_type":"","scores":[{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89951","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89901","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.8994","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05217","scoring_system":"epss","scoring_elements":"0.89917","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7784"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1376087","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1376087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100202","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100202"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479201","reference_id":"1479201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479201"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7784","reference_id":"CVE-2017-7784","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7784"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7784"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3cbn-278y-hkah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51546?format=json","vulnerability_id":"VCID-48em-7yxs-pqf9","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7779","reference_id":"","reference_type":"","scores":[{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83886","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83965","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83949","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83919","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.839","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02073","scoring_system":"epss","scoring_elements":"0.83916","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7779"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100201","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100201"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479191","reference_id":"1479191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479191"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7779","reference_id":"CVE-2017-7779","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7779"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7779"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48em-7yxs-pqf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59380?format=json","vulnerability_id":"VCID-4jqv-p541-tfa9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7749","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7749"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355039","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461253","reference_id":"1461253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461253"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7749","reference_id":"CVE-2017-7749","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7749"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7749"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jqv-p541-tfa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59389?format=json","vulnerability_id":"VCID-622g-5uav-bbgd","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7764","reference_id":"","reference_type":"","scores":[{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77375","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77378","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77317","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77372","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77362","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77332","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77323","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77352","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7764"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1364283","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1364283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts","reference_id":"","reference_type":"","scores":[],"url":"http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461262","reference_id":"1461262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461262"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7764","reference_id":"CVE-2017-7764","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7764"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7764"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-622g-5uav-bbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51550?format=json","vulnerability_id":"VCID-7mvz-mr2e-hyfx","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7787","reference_id":"","reference_type":"","scores":[{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76755","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76689","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76747","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76736","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.76722","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7787"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322896","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100234","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100234"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479206","reference_id":"1479206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479206"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7787","reference_id":"CVE-2017-7787","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7787"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7787"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7mvz-mr2e-hyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59384?format=json","vulnerability_id":"VCID-9k9g-4cxt-3faj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7754","reference_id":"","reference_type":"","scores":[{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80492","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.8044","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80514","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80496","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80457","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80446","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80467","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7754"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1357090","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1357090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461257","reference_id":"1461257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461257"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7754","reference_id":"CVE-2017-7754","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7754"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7754"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9k9g-4cxt-3faj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59387?format=json","vulnerability_id":"VCID-awue-n9ua-hfej","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7757","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7757"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356824","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461259","reference_id":"1461259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461259"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7757","reference_id":"CVE-2017-7757","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7757"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7757"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awue-n9ua-hfej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51559?format=json","vulnerability_id":"VCID-d7jf-wx4p-cuek","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7807","reference_id":"","reference_type":"","scores":[{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73594","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73636","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.736","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73627","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1376459","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1376459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100242","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100242"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479227","reference_id":"1479227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479227"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7807","reference_id":"CVE-2017-7807","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7807"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7807"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7jf-wx4p-cuek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51552?format=json","vulnerability_id":"VCID-dck1-2x3v-1ygr","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7792","reference_id":"","reference_type":"","scores":[{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91716","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.9172","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91673","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91718","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91715","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91686","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7792"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1368652","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1368652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100206","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100206"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479210","reference_id":"1479210","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479210"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7792","reference_id":"CVE-2017-7792","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7792"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7792"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dck1-2x3v-1ygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56565?format=json","vulnerability_id":"VCID-f7zd-nx3e-tba1","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7771","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67465","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67522","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67552","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67566","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67588","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67501","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472212","reference_id":"1472212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472212"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7771","reference_id":"CVE-2017-7771","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7771"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7771"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f7zd-nx3e-tba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56566?format=json","vulnerability_id":"VCID-h63e-ngr6-zqee","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7772","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69885","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69947","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69911","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69961","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69897","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472213","reference_id":"1472213","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472213"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7772","reference_id":"CVE-2017-7772","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7772"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7772"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h63e-ngr6-zqee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51557?format=json","vulnerability_id":"VCID-hk7b-ckyd-7qg2","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7803","reference_id":"","reference_type":"","scores":[{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78017","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78019","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77961","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78036","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78005","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77978","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77968","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77996","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7803"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1377426","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1377426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100234","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100234"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479225","reference_id":"1479225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479225"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7803","reference_id":"CVE-2017-7803","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7803"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7803"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hk7b-ckyd-7qg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51545?format=json","vulnerability_id":"VCID-hw2h-w5r2-7qhv","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7753","reference_id":"","reference_type":"","scores":[{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82401","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82407","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.8241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82384","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01721","scoring_system":"epss","scoring_elements":"0.82361","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7753"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1353312","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1353312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:C"},{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100315","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100315"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479188","reference_id":"1479188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479188"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7753","reference_id":"CVE-2017-7753","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7753"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7753"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hw2h-w5r2-7qhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56568?format=json","vulnerability_id":"VCID-j56s-gf2k-zqdx","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7774","reference_id":"","reference_type":"","scores":[{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68255","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6832","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68295","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68272","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68323","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68352","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68275","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472219","reference_id":"1472219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472219"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7774","reference_id":"CVE-2017-7774","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7774"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7774"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j56s-gf2k-zqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59382?format=json","vulnerability_id":"VCID-jwnz-gnjs-1uaa","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7751","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7751"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1363396","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1363396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461255","reference_id":"1461255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461255"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7751","reference_id":"CVE-2017-7751","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7751"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7751"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwnz-gnjs-1uaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56570?format=json","vulnerability_id":"VCID-k79j-1yvn-qfd2","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7776","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69885","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69947","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69911","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69961","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69897","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472223","reference_id":"1472223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472223"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7776","reference_id":"CVE-2017-7776","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7776"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7776"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k79j-1yvn-qfd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59381?format=json","vulnerability_id":"VCID-nyn2-zf8c-67cb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7750","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7750"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356558","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461254","reference_id":"1461254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461254"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7750","reference_id":"CVE-2017-7750","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7750"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7750"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyn2-zf8c-67cb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59388?format=json","vulnerability_id":"VCID-pmwj-2v2k-nfcb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7758","reference_id":"","reference_type":"","scores":[{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82205","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82128","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82193","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82186","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.8216","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82142","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82163","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7758"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1368490","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1368490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461261","reference_id":"1461261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461261"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7758","reference_id":"CVE-2017-7758","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7758"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7758"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmwj-2v2k-nfcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59383?format=json","vulnerability_id":"VCID-pww9-m9d4-euew","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7752","reference_id":"","reference_type":"","scores":[{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76644","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.7659","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76673","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76647","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76635","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76594","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76622","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7752"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1359547","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1359547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461256","reference_id":"1461256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461256"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7752","reference_id":"CVE-2017-7752","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7752"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7752"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pww9-m9d4-euew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51548?format=json","vulnerability_id":"VCID-q7jk-b69d-bbav","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7785","reference_id":"","reference_type":"","scores":[{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92306","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92343","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92333","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92313","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08433","scoring_system":"epss","scoring_elements":"0.92319","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7785"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356985","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100206","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100206"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479203","reference_id":"1479203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479203"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7785","reference_id":"CVE-2017-7785","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7785"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7785"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q7jk-b69d-bbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51560?format=json","vulnerability_id":"VCID-qetw-2ah7-5ba4","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7809","reference_id":"","reference_type":"","scores":[{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84714","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.8472","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84641","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84725","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.847","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84678","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84676","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7809"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1380284","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1380284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100203","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100203"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479650","reference_id":"1479650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479650"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7809","reference_id":"CVE-2017-7809","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7809"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7809"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qetw-2ah7-5ba4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51549?format=json","vulnerability_id":"VCID-qh1k-c7ct-efg8","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7786","reference_id":"","reference_type":"","scores":[{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92381","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92342","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92359","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0852","scoring_system":"epss","scoring_elements":"0.92355","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7786"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365189","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100206","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100206"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479205","reference_id":"1479205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479205"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7786","reference_id":"CVE-2017-7786","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7786"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7786"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qh1k-c7ct-efg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56571?format=json","vulnerability_id":"VCID-qhes-9dcx-tbb5","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7777","reference_id":"","reference_type":"","scores":[{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65693","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65777","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65737","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.6579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65822","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65807","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65742","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472225","reference_id":"1472225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472225"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7777","reference_id":"CVE-2017-7777","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7777"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7777"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qhes-9dcx-tbb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59378?format=json","vulnerability_id":"VCID-rsqj-18a5-23gd","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5470","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5470"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99041","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99041"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461264","reference_id":"1461264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461264"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5470","reference_id":"CVE-2017-5470","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5470"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-5470"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqj-18a5-23gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51551?format=json","vulnerability_id":"VCID-s558-4jac-47ft","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7791","reference_id":"","reference_type":"","scores":[{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80126","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80072","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80142","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80123","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.80079","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01355","scoring_system":"epss","scoring_elements":"0.801","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7791"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365875","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:N"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100240","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100240"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479209","reference_id":"1479209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479209"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7791","reference_id":"CVE-2017-7791","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7791"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7791"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s558-4jac-47ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56572?format=json","vulnerability_id":"VCID-sncj-cwvy-ckdf","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7778","reference_id":"","reference_type":"","scores":[{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77641","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77643","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77583","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77659","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77598","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.7759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.77616","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7778"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1349310","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1349310"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1350047","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1350047"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1352745","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1352745"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1352747","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1352747"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355174","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355174"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355182","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355182"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356607","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1356607"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1358551","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1358551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3894","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3894"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461260","reference_id":"1461260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461260"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7778","reference_id":"CVE-2017-7778","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7778"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7778"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sncj-cwvy-ckdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51556?format=json","vulnerability_id":"VCID-vgwu-jbjv-xyd1","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7802","reference_id":"","reference_type":"","scores":[{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84714","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.8472","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84641","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84725","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.847","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84678","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84676","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7802"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1378147","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1378147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100202","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100202"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479224","reference_id":"1479224","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479224"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7802","reference_id":"CVE-2017-7802","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7802"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7802"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgwu-jbjv-xyd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59379?format=json","vulnerability_id":"VCID-xztj-hyqy-gug6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5472","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5472"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365602","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1365602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99040","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99040"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461252","reference_id":"1461252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461252"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5472","reference_id":"CVE-2017-5472","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5472"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-5472"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xztj-hyqy-gug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51555?format=json","vulnerability_id":"VCID-xzxb-5pq8-9bfd","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7801","reference_id":"","reference_type":"","scores":[{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84798","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84784","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84777","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84733","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02318","scoring_system":"epss","scoring_elements":"0.84752","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7801"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1371259","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1371259"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100197","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100197"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479223","reference_id":"1479223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479223"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7801","reference_id":"CVE-2017-7801","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7801"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7801"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzxb-5pq8-9bfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51554?format=json","vulnerability_id":"VCID-yk2z-f6vu-93fb","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7800","reference_id":"","reference_type":"","scores":[{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88846","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88824","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04285","scoring_system":"epss","scoring_elements":"0.88821","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7800"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1374047","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1374047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3928","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3928"},{"reference_url":"https://www.debian.org/security/2017/dsa-3968","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-19/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-19/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-20/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-20/"},{"reference_url":"http://www.securityfocus.com/bid/100196","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100196"},{"reference_url":"http://www.securitytracker.com/id/1039124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479218","reference_id":"1479218","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479218"},{"reference_url":"https://security.archlinux.org/ASA-201708-18","reference_id":"ASA-201708-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-18"},{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://security.archlinux.org/AVG-385","reference_id":"AVG-385","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7800","reference_id":"CVE-2017-7800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7800"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2456","reference_id":"RHSA-2017:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2534","reference_id":"RHSA-2017:2534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2534"},{"reference_url":"https://usn.ubuntu.com/3391-1/","reference_id":"USN-3391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3391-1/"},{"reference_url":"https://usn.ubuntu.com/3416-1/","reference_id":"USN-3416-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3416-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7800"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2z-f6vu-93fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59385?format=json","vulnerability_id":"VCID-z3r1-zkkw-8fhq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7756","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7756"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1366595","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1366595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3881","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3881"},{"reference_url":"https://www.debian.org/security/2017/dsa-3918","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3918"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-15/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-16/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-16/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-17/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-17/"},{"reference_url":"http://www.securityfocus.com/bid/99057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/99057"},{"reference_url":"http://www.securitytracker.com/id/1038689","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461258","reference_id":"1461258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461258"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7756","reference_id":"CVE-2017-7756","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7756"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7756"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3r1-zkkw-8fhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56567?format=json","vulnerability_id":"VCID-z7sd-q1rk-jqa7","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7773","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69885","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69947","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69911","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69961","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.69897","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472215","reference_id":"1472215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472215"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7773","reference_id":"CVE-2017-7773","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7773"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035755?format=json","purl":"pkg:deb/debian/icedove@1:52.3.0-4~deb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2"}],"aliases":["CVE-2017-7773"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7sd-q1rk-jqa7"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51741?format=json","vulnerability_id":"VCID-19cb-y1de-u3bn","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1957","reference_id":"","reference_type":"","scores":[{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57713","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57864","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57843","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57797","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57817","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57791","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57846","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1957"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227052","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-20.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-20.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315573","reference_id":"1315573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315573"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1957","reference_id":"CVE-2016-1957","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1957"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20","reference_id":"mfsa2016-20","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1957"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19cb-y1de-u3bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56761?format=json","vulnerability_id":"VCID-1tcx-3zn1-ykdq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9904","reference_id":"","reference_type":"","scores":[{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78845","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78871","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78833","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78804","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9904"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317936","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404091","reference_id":"1404091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404091"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9904","reference_id":"CVE-2016-9904","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9904"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9904"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tcx-3zn1-ykdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56754?format=json","vulnerability_id":"VCID-2ptm-gx1p-uyhf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9897","reference_id":"","reference_type":"","scores":[{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88361","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88298","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88344","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88325","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88306","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.8832","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9897"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1301381","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1301381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404087","reference_id":"1404087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404087"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9897","reference_id":"CVE-2016-9897","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9897"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9897"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ptm-gx1p-uyhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56746?format=json","vulnerability_id":"VCID-3dea-vjmc-b7eb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5297","reference_id":"","reference_type":"","scores":[{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.8286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82825","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82812","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5297"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303678","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395058","reference_id":"1395058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395058"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5297","reference_id":"CVE-2016-5297","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5297"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-5297"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3dea-vjmc-b7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31911?format=json","vulnerability_id":"VCID-3ehk-593t-abcp","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5408","reference_id":"","reference_type":"","scores":[{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77718","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77703","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77692","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77708","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5408"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1313711","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1313711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96693"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429784","reference_id":"1429784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429784"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5408","reference_id":"CVE-2017-5408","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5408"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5408"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ehk-593t-abcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31904?format=json","vulnerability_id":"VCID-3nup-1513-ybaq","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5400","reference_id":"","reference_type":"","scores":[{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76973","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76978","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76999","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76909","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76928","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.7696","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76915","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76945","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.76971","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5400"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1334933","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1334933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96654","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96654"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429778","reference_id":"1429778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429778"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5400","reference_id":"CVE-2017-5400","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5400"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5400"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nup-1513-ybaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31912?format=json","vulnerability_id":"VCID-3tww-nhmh-gua6","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5410","reference_id":"","reference_type":"","scores":[{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.8544","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85443","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85367","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85422","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85379","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85398","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02531","scoring_system":"epss","scoring_elements":"0.85431","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5410"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330687","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96693"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429783","reference_id":"1429783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429783"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5410","reference_id":"CVE-2017-5410","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5410"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5410"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tww-nhmh-gua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43507?format=json","vulnerability_id":"VCID-4azu-y4y6-nyff","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2794","reference_id":"","reference_type":"","scores":[{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75235","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.753","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75321","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75299","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.7527","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75247","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75289","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2794"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243526","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2794","reference_id":"CVE-2016-2794","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2794"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2794"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4azu-y4y6-nyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56755?format=json","vulnerability_id":"VCID-4d2q-usge-77ft","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9898","reference_id":"","reference_type":"","scores":[{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.8555","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85629","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85605","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85585","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.8558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85562","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9898"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1314442","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1314442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404089","reference_id":"1404089","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404089"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9898","reference_id":"CVE-2016-9898","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9898"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9898"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4d2q-usge-77ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43521?format=json","vulnerability_id":"VCID-4hnb-y6bt-4fb1","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2798","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2798"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248805","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2798","reference_id":"CVE-2016-2798","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2798"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2798"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hnb-y6bt-4fb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56742?format=json","vulnerability_id":"VCID-545u-wnrj-z3dh","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5291","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10895","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10918","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10951","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1095","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10822","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10932","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5291"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292159","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395065","reference_id":"1395065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395065"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5291","reference_id":"CVE-2016-5291","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:N/A:N"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5291"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-5291"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-545u-wnrj-z3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56753?format=json","vulnerability_id":"VCID-5dyh-s3yd-vqes","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9895","reference_id":"","reference_type":"","scores":[{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.7222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72161","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72213","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72164","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72166","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9895"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312272","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404086","reference_id":"1404086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404086"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9895","reference_id":"CVE-2016-9895","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9895"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9895"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dyh-s3yd-vqes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41541?format=json","vulnerability_id":"VCID-5n3q-eby7-67de","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5373","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5373"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95762","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95762"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1415924","reference_id":"1415924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1415924"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5373","reference_id":"CVE-2017-5373","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5373"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5373"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5n3q-eby7-67de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51735?format=json","vulnerability_id":"VCID-5wqt-2dtu-8qa4","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0495.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0495.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1950","reference_id":"","reference_type":"","scores":[{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.8308","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83074","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.8309","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83084","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83031","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83042","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1950"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa119","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa119"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1245528","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1245528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes","reference_id":"","reference_type":"","scores":[],"url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes"},{"reference_url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes","reference_id":"","reference_type":"","scores":[],"url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.debian.org/security/2016/dsa-3688","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3688"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-35.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-35.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/84223","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84223"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2924-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2924-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310509","reference_id":"1310509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310509"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1950","reference_id":"CVE-2016-1950","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1950"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35","reference_id":"mfsa2016-35","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0370","reference_id":"RHSA-2016:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0371","reference_id":"RHSA-2016:0371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0495","reference_id":"RHSA-2016:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0495"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2924-1/","reference_id":"USN-2924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2924-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1950"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wqt-2dtu-8qa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31910?format=json","vulnerability_id":"VCID-667g-8khd-kkhm","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5407","reference_id":"","reference_type":"","scores":[{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.7748","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77503","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77426","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77438","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77468","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77433","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01045","scoring_system":"epss","scoring_elements":"0.77477","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5407"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1336622","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1336622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96693"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429782","reference_id":"1429782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429782"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5407","reference_id":"CVE-2017-5407","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5407"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5407"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-667g-8khd-kkhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43534?format=json","vulnerability_id":"VCID-67my-umrg-wkgm","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2802","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2802"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248804","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2802","reference_id":"CVE-2016-2802","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2802"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2802"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67my-umrg-wkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41545?format=json","vulnerability_id":"VCID-84kk-wfxx-t3c8","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5380","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5380"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322107","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416274","reference_id":"1416274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416274"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5380","reference_id":"CVE-2017-5380","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5380"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5380"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84kk-wfxx-t3c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43503?format=json","vulnerability_id":"VCID-86q8-2yv7-efez","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2790","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2790"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243464","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2790","reference_id":"CVE-2016-2790","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2790"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2790"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86q8-2yv7-efez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50400?format=json","vulnerability_id":"VCID-avw6-7aqv-hbaa","summary":"Multiple vulnerabilities have been found in Mozilla SeaMonkey, the\n    worst of which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2843.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2843.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2850.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2850.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9079","reference_id":"","reference_type":"","scores":[{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.9934","published_at":"2026-04-09T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99336","published_at":"2026-04-02T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99339","published_at":"2026-04-07T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99335","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9079"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321066","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.exploit-db.com/exploits/41151/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.exploit-db.com/exploits/41151/"},{"reference_url":"https://www.exploit-db.com/exploits/42327/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.exploit-db.com/exploits/42327/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-92/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2016-92/"},{"reference_url":"http://www.securityfocus.com/bid/94591","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://www.securityfocus.com/bid/94591"},{"reference_url":"http://www.securitytracker.com/id/1037370","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://www.securitytracker.com/id/1037370"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400376","reference_id":"1400376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400376"},{"reference_url":"https://security.archlinux.org/ASA-201612-1","reference_id":"ASA-201612-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-1"},{"reference_url":"https://security.archlinux.org/ASA-201612-2","reference_id":"ASA-201612-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-2"},{"reference_url":"https://security.archlinux.org/AVG-90","reference_id":"AVG-90","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-90"},{"reference_url":"https://security.archlinux.org/AVG-91","reference_id":"AVG-91","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-91"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb","reference_id":"CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb","reference_id":"CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9079","reference_id":"CVE-2016-9079","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9079"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html","reference_id":"CVE-2017-5375;CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html"},{"reference_url":"https://rh0dev.github.io/blog/2017/the-return-of-the-jit/","reference_id":"CVE-2017-5375;CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://rh0dev.github.io/blog/2017/the-return-of-the-jit/"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://security.gentoo.org/glsa/201701-35","reference_id":"GLSA-201701-35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://security.gentoo.org/glsa/201701-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-92","reference_id":"mfsa2016-92","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-92"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2843","reference_id":"RHSA-2016:2843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2850","reference_id":"RHSA-2016:2850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2850"},{"reference_url":"https://usn.ubuntu.com/3140-1/","reference_id":"USN-3140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3140-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9079"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avw6-7aqv-hbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41546?format=json","vulnerability_id":"VCID-bjyq-1zfk-eugq","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5383","reference_id":"","reference_type":"","scores":[{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.8519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85176","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85168","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85143","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5383"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1323338","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1323338"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1324716","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1324716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416281","reference_id":"1416281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416281"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5383","reference_id":"CVE-2017-5383","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5383"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5383"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjyq-1zfk-eugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63481?format=json","vulnerability_id":"VCID-bp6q-cu6s-2ke7","summary":"Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2818","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60631","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60504","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60652","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60609","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60578","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2818"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234147","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234147"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256493","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256739","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256739"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256968","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256968"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261230","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261230"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261752","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261752"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1263384","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1263384"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264575","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264575"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1265577","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1265577"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1267130","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1267130"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1269729","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1269729"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273202","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273202"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273701","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.debian.org/security/2016/dsa-3647","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3647"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-49.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-49.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3023-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3023-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342887","reference_id":"1342887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342887"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818","reference_id":"CVE-2016-2818","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2818","reference_id":"CVE-2016-2818","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2818"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49","reference_id":"mfsa2016-49","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1392","reference_id":"RHSA-2016:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1392"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"},{"reference_url":"https://usn.ubuntu.com/3023-1/","reference_id":"USN-3023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2818"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bp6q-cu6s-2ke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43531?format=json","vulnerability_id":"VCID-bwm1-yauc-xudu","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2801","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2801"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249920","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249920"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2801","reference_id":"CVE-2016-2801","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2801"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2801"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bwm1-yauc-xudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56696?format=json","vulnerability_id":"VCID-c3ex-zw8a-6bcy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75768","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75784","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75721","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543","reference_id":"1377543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1985","reference_id":"RHSA-2016:1985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1985"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-5257"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3ex-zw8a-6bcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43513?format=json","vulnerability_id":"VCID-c83b-ttr4-83em","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2797","reference_id":"","reference_type":"","scores":[{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6834","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6836","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68296","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68343","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2797"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243823","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2797","reference_id":"CVE-2016-2797","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2797"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2797"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c83b-ttr4-83em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41543?format=json","vulnerability_id":"VCID-c8p3-ef58-wudt","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5376","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5376"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1311687","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1311687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95758"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416272","reference_id":"1416272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416272"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5376","reference_id":"CVE-2017-5376","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5376"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5376"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8p3-ef58-wudt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51785?format=json","vulnerability_id":"VCID-dk4z-1j37-aucx","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0591.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0591.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0684.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0684.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0685.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0685.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1979","reference_id":"","reference_type":"","scores":[{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72159","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72188","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72172","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72119","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72139","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00707","scoring_system":"epss","scoring_elements":"0.72153","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1979"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa124","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa124"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1185033","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1185033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes","reference_id":"","reference_type":"","scores":[],"url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.debian.org/security/2016/dsa-3688","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3688"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-36.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-36.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/84221","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84221"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315202","reference_id":"1315202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315202"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979","reference_id":"CVE-2016-1979","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1979","reference_id":"CVE-2016-1979","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1979"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36","reference_id":"mfsa2016-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0591","reference_id":"RHSA-2016:0591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0684","reference_id":"RHSA-2016:0684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0685","reference_id":"RHSA-2016:0685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0685"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1979"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31905?format=json","vulnerability_id":"VCID-dxr7-qubc-tyb7","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5401","reference_id":"","reference_type":"","scores":[{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84414","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84418","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84343","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.8438","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84402","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84357","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84378","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02199","scoring_system":"epss","scoring_elements":"0.84407","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5401"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1328861","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1328861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96677","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96677"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429779","reference_id":"1429779","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429779"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5401","reference_id":"CVE-2017-5401","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5401"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5401"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dxr7-qubc-tyb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43524?format=json","vulnerability_id":"VCID-ecm1-2298-mkfm","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2799","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70703","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.7064","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70735","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70718","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70655","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70651","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70696","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2799"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249081","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2799","reference_id":"CVE-2016-2799","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2799"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2799"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecm1-2298-mkfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56751?format=json","vulnerability_id":"VCID-ekxy-vaed-u7cg","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9074","reference_id":"","reference_type":"","scores":[{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79074","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.7909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79115","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79101","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79041","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79047","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9074"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293334","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94341","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94341"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396548","reference_id":"1396548","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396548"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9074","reference_id":"CVE-2016-9074","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9074"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://security.gentoo.org/glsa/201701-46","reference_id":"GLSA-201701-46","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-46"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://usn.ubuntu.com/3163-1/","reference_id":"USN-3163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9074"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ekxy-vaed-u7cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43509?format=json","vulnerability_id":"VCID-fjam-jfc1-pkbv","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2795","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2795"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243597","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2795","reference_id":"CVE-2016-2795","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2795"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2795"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjam-jfc1-pkbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41542?format=json","vulnerability_id":"VCID-gcen-3yba-a3ht","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5375","reference_id":"","reference_type":"","scores":[{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98294","published_at":"2026-04-13T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.9829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98284","published_at":"2026-04-04T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98289","published_at":"2026-04-08T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98281","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5375"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1325200","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1325200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.exploit-db.com/exploits/42327/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42327/"},{"reference_url":"https://www.exploit-db.com/exploits/44293/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44293/"},{"reference_url":"https://www.exploit-db.com/exploits/44294/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44294/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95757","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95757"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416271","reference_id":"1416271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416271"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5375","reference_id":"CVE-2017-5375","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5375"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5375"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcen-3yba-a3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41548?format=json","vulnerability_id":"VCID-hyhc-qud7-6uax","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5396","reference_id":"","reference_type":"","scores":[{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82936","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82907","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5396"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1329403","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1329403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416280","reference_id":"1416280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416280"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5396","reference_id":"CVE-2017-5396","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5396"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5396"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hyhc-qud7-6uax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-j2ga-ggcd-fkg1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805","reference_id":"","reference_type":"","scores":[{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75924","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75988","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.7596","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75939","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1241731","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1241731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266","reference_id":"1330266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2805","reference_id":"CVE-2016-2805","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2805"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2805"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ga-ggcd-fkg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43504?format=json","vulnerability_id":"VCID-j6x8-vnns-1yfg","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2791","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2791"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243473","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2791","reference_id":"CVE-2016-2791","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2791"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2791"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6x8-vnns-1yfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43526?format=json","vulnerability_id":"VCID-j7wt-w5x2-nye4","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2800","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2800"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249338","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2800","reference_id":"CVE-2016-2800","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2800"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2800"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7wt-w5x2-nye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51747?format=json","vulnerability_id":"VCID-jfw1-18np-47b8","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3","reference_id":"","reference_type":"","scores":[],"url":"http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1961","reference_id":"","reference_type":"","scores":[{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73112","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.7306","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73114","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73139","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73119","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73069","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.7309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73101","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1961"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249377","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-24.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-24.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-16-199/","reference_id":"","reference_type":"","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-16-199/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315577","reference_id":"1315577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315577"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1961","reference_id":"CVE-2016-1961","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1961"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24","reference_id":"mfsa2016-24","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1961"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jfw1-18np-47b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51744?format=json","vulnerability_id":"VCID-js15-jev6-6fbs","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1960","reference_id":"","reference_type":"","scores":[{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99442","published_at":"2026-04-13T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99436","published_at":"2026-04-01T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99439","published_at":"2026-04-09T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.9944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99441","published_at":"2026-04-12T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99435","published_at":"2026-04-02T12:55:00Z"},{"value":"0.87057","scoring_system":"epss","scoring_elements":"0.99437","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1960"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246014","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"https://www.exploit-db.com/exploits/42484/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42484/"},{"reference_url":"https://www.exploit-db.com/exploits/44294/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44294/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-23.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-23.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-16-198/","reference_id":"","reference_type":"","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-16-198/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315576","reference_id":"1315576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315576"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html","reference_id":"CVE-2016-1960","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1960","reference_id":"CVE-2016-1960","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1960"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html","reference_id":"CVE-2017-5375;CVE-2016-1960","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23","reference_id":"mfsa2016-23","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1960"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js15-jev6-6fbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31907?format=json","vulnerability_id":"VCID-jwze-7mfw-r3ax","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5404","reference_id":"","reference_type":"","scores":[{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95684","published_at":"2026-04-13T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95678","published_at":"2026-04-09T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95649","published_at":"2026-04-01T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95663","published_at":"2026-04-04T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95674","published_at":"2026-04-08T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.21288","scoring_system":"epss","scoring_elements":"0.95658","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5404"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1340138","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1340138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.exploit-db.com/exploits/41660/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/41660/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96664","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96664"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429781","reference_id":"1429781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429781"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5404","reference_id":"CVE-2017-5404","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5404"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1130","reference_id":"CVE-2017-5404;MFSA2017-05","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1130"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html","reference_id":"CVE-2017-5404;MFSA2017-05","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5404"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwze-7mfw-r3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43502?format=json","vulnerability_id":"VCID-k131-mfqm-dka9","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1977","reference_id":"","reference_type":"","scores":[{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72031","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72046","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71987","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72026","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1977"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1977","reference_id":"CVE-2016-1977","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1977"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1977"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k131-mfqm-dka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43505?format=json","vulnerability_id":"VCID-k5hu-n47k-wffm","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2792","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68423","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2792"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243482","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2792","reference_id":"CVE-2016-2792","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2792"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2792"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5hu-n47k-wffm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41544?format=json","vulnerability_id":"VCID-m59v-ygc2-qucg","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5378","reference_id":"","reference_type":"","scores":[{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.8231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82315","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82302","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82295","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82268","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82254","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82273","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5378"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312001","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312001"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330769","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416273","reference_id":"1416273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416273"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5378","reference_id":"CVE-2017-5378","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5378"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5378"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m59v-ygc2-qucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-mupu-c1j2-xkgs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3601","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3601"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270","reference_id":"1330270","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2806"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mupu-c1j2-xkgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31906?format=json","vulnerability_id":"VCID-npyt-d8qr-wqdj","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5402","reference_id":"","reference_type":"","scores":[{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.8533","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85333","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85336","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85258","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85313","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.8527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02498","scoring_system":"epss","scoring_elements":"0.85322","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5402"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1334876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1334876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96664","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96664"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429780","reference_id":"1429780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429780"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5402","reference_id":"CVE-2017-5402","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5402"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5402"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-npyt-d8qr-wqdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43512?format=json","vulnerability_id":"VCID-nr84-88hy-6fah","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2796","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68357","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68467","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68424","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2796"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243816","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2796","reference_id":"CVE-2016-2796","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2796"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2796"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr84-88hy-6fah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56757?format=json","vulnerability_id":"VCID-pbrt-gcqj-kycv","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9900","reference_id":"","reference_type":"","scores":[{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77109","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77114","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77049","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77065","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77083","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77055","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9900"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319122","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404090","reference_id":"1404090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404090"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9900","reference_id":"CVE-2016-9900","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9900"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9900"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbrt-gcqj-kycv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56763?format=json","vulnerability_id":"VCID-q4x5-dz5r-jqgr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9905","reference_id":"","reference_type":"","scores":[{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.7869","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78659","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78698","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78642","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78648","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78679","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9905"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293985","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94884"},{"reference_url":"http://www.securitytracker.com/id/1037462","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037462"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404094","reference_id":"1404094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404094"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9905","reference_id":"CVE-2016-9905","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9905"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9905"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4x5-dz5r-jqgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56741?format=json","vulnerability_id":"VCID-qptm-f15t-57gj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2825.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2825.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5290","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5290"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94335","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94335"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395066","reference_id":"1395066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395066"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5290","reference_id":"CVE-2016-5290","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5290"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2825","reference_id":"RHSA-2016:2825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2825"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-5290"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qptm-f15t-57gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51779?format=json","vulnerability_id":"VCID-qtp4-ada6-tydd","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1974","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65715","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.6563","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65738","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65759","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65744","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65726","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1974"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228103","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228103"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-34.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-34.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315785","reference_id":"1315785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315785"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1974","reference_id":"CVE-2016-1974","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1974"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34","reference_id":"mfsa2016-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1974"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp4-ada6-tydd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56756?format=json","vulnerability_id":"VCID-qu91-vc1p-dyb1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9899","reference_id":"","reference_type":"","scores":[{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97117","published_at":"2026-04-12T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97089","published_at":"2026-04-01T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97112","published_at":"2026-04-09T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97101","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9899"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317409","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.exploit-db.com/exploits/41042/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/41042/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404083","reference_id":"1404083","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404083"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html","reference_id":"CVE-2016-9899","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9899","reference_id":"CVE-2016-9899","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9899"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9899"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu91-vc1p-dyb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31903?format=json","vulnerability_id":"VCID-r8en-yg26-w3a1","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5398","reference_id":"","reference_type":"","scores":[{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87116","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87144","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5398"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96651","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96651"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429786","reference_id":"1429786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429786"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5398","reference_id":"CVE-2017-5398","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5398"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5398"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8en-yg26-w3a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51738?format=json","vulnerability_id":"VCID-rsda-j27d-8bdc","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236","reference_id":"","reference_type":"","scores":[],"url":"http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1954","reference_id":"","reference_type":"","scores":[{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85892","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85825","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85901","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85898","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85836","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85854","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85858","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02706","scoring_system":"epss","scoring_elements":"0.85876","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1954"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243178","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-17.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-17.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315569","reference_id":"1315569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315569"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1954","reference_id":"CVE-2016-1954","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1954"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17","reference_id":"mfsa2016-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1954"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsda-j27d-8bdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31909?format=json","vulnerability_id":"VCID-t4bj-qz9s-s7eb","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0459.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0461.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0498.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5405","reference_id":"","reference_type":"","scores":[{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84909","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84826","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84861","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84883","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.84859","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02352","scoring_system":"epss","scoring_elements":"0.8489","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5405"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1336699","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1336699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3805","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3805"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-05/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-06/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-06/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-07/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-07/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-09/"},{"reference_url":"http://www.securityfocus.com/bid/96693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96693"},{"reference_url":"http://www.securitytracker.com/id/1037966","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429785","reference_id":"1429785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429785"},{"reference_url":"https://security.archlinux.org/ASA-201703-2","reference_id":"ASA-201703-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-2"},{"reference_url":"https://security.archlinux.org/ASA-201703-3","reference_id":"ASA-201703-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-3"},{"reference_url":"https://security.archlinux.org/AVG-193","reference_id":"AVG-193","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-193"},{"reference_url":"https://security.archlinux.org/AVG-194","reference_id":"AVG-194","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-194"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5405","reference_id":"CVE-2017-5405","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5405"},{"reference_url":"https://security.gentoo.org/glsa/201705-06","reference_id":"GLSA-201705-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-06"},{"reference_url":"https://security.gentoo.org/glsa/201705-07","reference_id":"GLSA-201705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07","reference_id":"mfsa2017-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09","reference_id":"mfsa2017-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0459","reference_id":"RHSA-2017:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0461","reference_id":"RHSA-2017:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0498","reference_id":"RHSA-2017:0498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0498"},{"reference_url":"https://usn.ubuntu.com/3216-1/","reference_id":"USN-3216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3216-1/"},{"reference_url":"https://usn.ubuntu.com/3233-1/","reference_id":"USN-3233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3233-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5405"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4bj-qz9s-s7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51748?format=json","vulnerability_id":"VCID-tb9n-zfut-ubht","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1962","reference_id":"","reference_type":"","scores":[{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84172","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84232","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.8425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84185","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02149","scoring_system":"epss","scoring_elements":"0.84225","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1962"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240760","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-25.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-25.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315578","reference_id":"1315578","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315578"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1962","reference_id":"CVE-2016-1962","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1962"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25","reference_id":"mfsa2016-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1962"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tb9n-zfut-ubht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56748?format=json","vulnerability_id":"VCID-tgya-wnfn-t7eb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9066","reference_id":"","reference_type":"","scores":[{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95568","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95553","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9066"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1299686","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1299686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395061","reference_id":"1395061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395061"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9066","reference_id":"CVE-2016-9066","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9066"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9066"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgya-wnfn-t7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41547?format=json","vulnerability_id":"VCID-tjjd-y1pq-ckf4","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5390","reference_id":"","reference_type":"","scores":[{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82549","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82473","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82528","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82501","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82487","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82505","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5390"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1297361","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1297361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416279","reference_id":"1416279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416279"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5390","reference_id":"CVE-2017-5390","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5390"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2017-5390"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjjd-y1pq-ckf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51750?format=json","vulnerability_id":"VCID-ut8d-5w7x-4qg2","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1964","reference_id":"","reference_type":"","scores":[{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72031","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72046","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71987","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72026","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1964"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243335","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-27.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-27.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315774","reference_id":"1315774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315774"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1964","reference_id":"CVE-2016-1964","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1964"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27","reference_id":"mfsa2016-27","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1964"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ut8d-5w7x-4qg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43506?format=json","vulnerability_id":"VCID-va34-kurf-uycj","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2793","reference_id":"","reference_type":"","scores":[{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6834","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6836","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68373","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68296","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68343","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2793"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243513","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1243513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3515","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3515"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/84222","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84222"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2927-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795","reference_id":"1315795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315795"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2793","reference_id":"CVE-2016-2793","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2793"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-63","reference_id":"GLSA-201701-63","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-63"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37","reference_id":"mfsa2016-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2927-1/","reference_id":"USN-2927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2927-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2793"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va34-kurf-uycj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-va3j-erp3-3ugy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271","reference_id":"1330271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807","reference_id":"CVE-2016-2807","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2807"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56677?format=json","vulnerability_id":"VCID-wgxa-54sd-rqd6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1809.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1809.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2836","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67304","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67413","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.6734","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67363","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2836"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1154923","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1154923"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249578","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249578"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1257765","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1257765"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258079","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258079"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268626","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268626"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282502","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282502"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1283823","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1283823"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=822081","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=822081"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361974","reference_id":"1361974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361974"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836","reference_id":"CVE-2016-2836","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2836","reference_id":"CVE-2016-2836","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2836"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62","reference_id":"mfsa2016-62","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1809","reference_id":"RHSA-2016:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1809"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"},{"reference_url":"https://usn.ubuntu.com/3073-1/","reference_id":"USN-3073-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3073-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-2836"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgxa-54sd-rqd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56745?format=json","vulnerability_id":"VCID-yegk-sgdn-z3ae","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5296","reference_id":"","reference_type":"","scores":[{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.8554","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85469","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85531","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85522","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85502","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85481","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5296"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292443","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94339","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94339"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395055","reference_id":"1395055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395055"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5296","reference_id":"CVE-2016-5296","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5296"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-5296"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yegk-sgdn-z3ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56752?format=json","vulnerability_id":"VCID-ysg5-wc3n-fbgw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9893","reference_id":"","reference_type":"","scores":[{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85776","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85842","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85831","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85789","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9893"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404096","reference_id":"1404096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404096"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9893","reference_id":"CVE-2016-9893","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9893"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-9893"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ysg5-wc3n-fbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51752?format=json","vulnerability_id":"VCID-z4ad-5vm8-t3g2","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e","reference_id":"","reference_type":"","scores":[],"url":"http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1966","reference_id":"","reference_type":"","scores":[{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74028","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.7401","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.73992","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1966"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246054","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802"},{"reference_url":"http://www.debian.org/security/2016/dsa-3510","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3510"},{"reference_url":"http://www.debian.org/security/2016/dsa-3520","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3520"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-31.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-31.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securitytracker.com/id/1035215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035215"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2917-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2917-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2934-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2934-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315778","reference_id":"1315778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315778"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1966","reference_id":"CVE-2016-1966","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1966"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31","reference_id":"mfsa2016-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0373","reference_id":"RHSA-2016:0373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0460","reference_id":"RHSA-2016:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0460"},{"reference_url":"https://usn.ubuntu.com/2917-1/","reference_id":"USN-2917-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2917-1/"},{"reference_url":"https://usn.ubuntu.com/2934-1/","reference_id":"USN-2934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571079?format=json","purl":"pkg:deb/debian/icedove@38.7.0-1~deb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19cb-y1de-u3bn"},{"vulnerability":"VCID-1tcx-3zn1-ykdq"},{"vulnerability":"VCID-2ptm-gx1p-uyhf"},{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-3dea-vjmc-b7eb"},{"vulnerability":"VCID-3ehk-593t-abcp"},{"vulnerability":"VCID-3nup-1513-ybaq"},{"vulnerability":"VCID-3tww-nhmh-gua6"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4azu-y4y6-nyff"},{"vulnerability":"VCID-4d2q-usge-77ft"},{"vulnerability":"VCID-4hnb-y6bt-4fb1"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-545u-wnrj-z3dh"},{"vulnerability":"VCID-5dyh-s3yd-vqes"},{"vulnerability":"VCID-5n3q-eby7-67de"},{"vulnerability":"VCID-5wqt-2dtu-8qa4"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-667g-8khd-kkhm"},{"vulnerability":"VCID-67my-umrg-wkgm"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-84kk-wfxx-t3c8"},{"vulnerability":"VCID-86q8-2yv7-efez"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-avw6-7aqv-hbaa"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-bjyq-1zfk-eugq"},{"vulnerability":"VCID-bp6q-cu6s-2ke7"},{"vulnerability":"VCID-bwm1-yauc-xudu"},{"vulnerability":"VCID-c3ex-zw8a-6bcy"},{"vulnerability":"VCID-c83b-ttr4-83em"},{"vulnerability":"VCID-c8p3-ef58-wudt"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-dk4z-1j37-aucx"},{"vulnerability":"VCID-dxr7-qubc-tyb7"},{"vulnerability":"VCID-ecm1-2298-mkfm"},{"vulnerability":"VCID-ekxy-vaed-u7cg"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-fjam-jfc1-pkbv"},{"vulnerability":"VCID-gcen-3yba-a3ht"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-hyhc-qud7-6uax"},{"vulnerability":"VCID-j2ga-ggcd-fkg1"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-j6x8-vnns-1yfg"},{"vulnerability":"VCID-j7wt-w5x2-nye4"},{"vulnerability":"VCID-jfw1-18np-47b8"},{"vulnerability":"VCID-js15-jev6-6fbs"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-jwze-7mfw-r3ax"},{"vulnerability":"VCID-k131-mfqm-dka9"},{"vulnerability":"VCID-k5hu-n47k-wffm"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-m59v-ygc2-qucg"},{"vulnerability":"VCID-mupu-c1j2-xkgs"},{"vulnerability":"VCID-npyt-d8qr-wqdj"},{"vulnerability":"VCID-nr84-88hy-6fah"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pbrt-gcqj-kycv"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q4x5-dz5r-jqgr"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-qptm-f15t-57gj"},{"vulnerability":"VCID-qtp4-ada6-tydd"},{"vulnerability":"VCID-qu91-vc1p-dyb1"},{"vulnerability":"VCID-r8en-yg26-w3a1"},{"vulnerability":"VCID-rsda-j27d-8bdc"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-t4bj-qz9s-s7eb"},{"vulnerability":"VCID-tb9n-zfut-ubht"},{"vulnerability":"VCID-tgya-wnfn-t7eb"},{"vulnerability":"VCID-tjjd-y1pq-ckf4"},{"vulnerability":"VCID-ut8d-5w7x-4qg2"},{"vulnerability":"VCID-va34-kurf-uycj"},{"vulnerability":"VCID-va3j-erp3-3ugy"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-wgxa-54sd-rqd6"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yegk-sgdn-z3ae"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-ysg5-wc3n-fbgw"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z4ad-5vm8-t3g2"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035514?format=json","purl":"pkg:deb/debian/icedove@1:45.8.0-3~deb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3cbn-278y-hkah"},{"vulnerability":"VCID-48em-7yxs-pqf9"},{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-7mvz-mr2e-hyfx"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-d7jf-wx4p-cuek"},{"vulnerability":"VCID-dck1-2x3v-1ygr"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-hk7b-ckyd-7qg2"},{"vulnerability":"VCID-hw2h-w5r2-7qhv"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-q7jk-b69d-bbav"},{"vulnerability":"VCID-qetw-2ah7-5ba4"},{"vulnerability":"VCID-qh1k-c7ct-efg8"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-s558-4jac-47ft"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-vgwu-jbjv-xyd1"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-xzxb-5pq8-9bfd"},{"vulnerability":"VCID-yk2z-f6vu-93fb"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}],"aliases":["CVE-2016-1966"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4ad-5vm8-t3g2"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1"}