{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","type":"alpm","namespace":"archlinux","name":"firefox","version":"49.0-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"52.0-1","latest_non_vulnerable_version":"101.0-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56727?format=json","vulnerability_id":"VCID-2j27-84u7-83ak","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5276.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5276.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5276","reference_id":"","reference_type":"","scores":[{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83473","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83406","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83408","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83432","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83453","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83269","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.833","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83333","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83348","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83373","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83375","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83376","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83399","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377557","reference_id":"1377557","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377557"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5276"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j27-84u7-83ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56723?format=json","vulnerability_id":"VCID-4xud-hwda-pyhw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5272.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5272.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5272","reference_id":"","reference_type":"","scores":[{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68938","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6888","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6886","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68903","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68723","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68742","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68762","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68834","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68819","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68831","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68841","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68868","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377554","reference_id":"1377554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377554"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5272"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4xud-hwda-pyhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56696?format=json","vulnerability_id":"VCID-c3ex-zw8a-6bcy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75928","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75855","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75874","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75904","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75721","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75768","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75784","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75816","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.7582","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75805","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75845","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543","reference_id":"1377543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1985","reference_id":"RHSA-2016:1985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1985"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5257"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3ex-zw8a-6bcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56728?format=json","vulnerability_id":"VCID-dvcv-fgk6-buet","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5277.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5277.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5277","reference_id":"","reference_type":"","scores":[{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84723","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84666","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.8468","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84706","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84543","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84568","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.8461","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84625","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84626","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84628","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84654","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377559","reference_id":"1377559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377559"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5277"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvcv-fgk6-buet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56725?format=json","vulnerability_id":"VCID-e4mx-ww79-1bau","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5274.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5274","reference_id":"","reference_type":"","scores":[{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85186","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85129","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85126","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.8514","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85166","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85057","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.8508","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85099","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85096","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.8512","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377558","reference_id":"1377558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377558"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5274"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4mx-ww79-1bau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56693?format=json","vulnerability_id":"VCID-gqbc-wbhs-4bbx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256","reference_id":"","reference_type":"","scores":[{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82266","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82469","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82427","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82449","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82298","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.8232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82327","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82347","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82341","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82335","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82369","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.8237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82373","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82394","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82409","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666","reference_id":"1377666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5256"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqbc-wbhs-4bbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56739?format=json","vulnerability_id":"VCID-kkp5-vwqy-abbc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5284.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5284","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67894","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67831","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67835","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67811","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67854","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6773","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6775","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67782","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67807","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6782","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67821","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377565","reference_id":"1377565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377565"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5284"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkp5-vwqy-abbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56733?format=json","vulnerability_id":"VCID-m52b-kam2-syg4","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5280.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5280.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5280","reference_id":"","reference_type":"","scores":[{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85444","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85387","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85386","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.854","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85426","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85265","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85277","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85295","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85298","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.8532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85328","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.8534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85337","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85357","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85358","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85356","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85378","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377561","reference_id":"1377561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377561"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5280"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m52b-kam2-syg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56738?format=json","vulnerability_id":"VCID-q38n-z9wb-qufk","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50855","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50904","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50821","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50873","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50896","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50993","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50971","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50992","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50999","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50978","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50924","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50932","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50895","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670","reference_id":"1377670","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5283"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q38n-z9wb-qufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56724?format=json","vulnerability_id":"VCID-qrbp-3x9q-q3g2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273","reference_id":"","reference_type":"","scores":[{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.7175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71928","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71862","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71895","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71757","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71776","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71789","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.718","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71807","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71838","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.7182","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71867","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71872","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71875","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669","reference_id":"1377669","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5273"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrbp-3x9q-q3g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56737?format=json","vulnerability_id":"VCID-qrqw-p9v1-zfb2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6016","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60355","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6025","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60296","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6023","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6028","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60295","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60324","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60331","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60319","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60291","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60306","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60294","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675","reference_id":"1377675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5282"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrqw-p9v1-zfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56735?format=json","vulnerability_id":"VCID-rqkq-q1x2-6fgq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5281.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5281","reference_id":"","reference_type":"","scores":[{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85614","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85556","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85554","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85572","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85595","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85427","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85439","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85459","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85462","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85482","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85491","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85505","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85503","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85523","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85528","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85525","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85547","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377563","reference_id":"1377563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377563"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5281"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqkq-q1x2-6fgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56731?format=json","vulnerability_id":"VCID-sncs-nk53-jbap","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59019","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59189","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59124","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59083","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59094","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59133","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59137","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59139","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59138","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673","reference_id":"1377673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5279"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sncs-nk53-jbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56729?format=json","vulnerability_id":"VCID-tsse-jnma-mbgw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5278.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5278.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5278","reference_id":"","reference_type":"","scores":[{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81192","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81129","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81136","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.8117","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.80999","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81008","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.8103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81058","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81082","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81069","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81099","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81101","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81098","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81121","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377549","reference_id":"1377549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377549"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5278"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsse-jnma-mbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56726?format=json","vulnerability_id":"VCID-uhct-zkhb-k3ca","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275","reference_id":"","reference_type":"","scores":[{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82317","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82274","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82296","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82172","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.8218","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82198","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.8219","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82221","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82222","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82244","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82257","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667","reference_id":"1377667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5275"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhct-zkhb-k3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56722?format=json","vulnerability_id":"VCID-vdvy-zc8w-6kbf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62622","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6252","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62569","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62468","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.625","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62467","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62518","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62534","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62553","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62542","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62519","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6256","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62548","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62558","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62574","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62571","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661","reference_id":"1377661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5271"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdvy-zc8w-6kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56721?format=json","vulnerability_id":"VCID-z8f3-t842-8bfc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5270.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5270","reference_id":"","reference_type":"","scores":[{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88715","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88676","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88687","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88601","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88618","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88619","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88638","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88654","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88647","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.8866","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88657","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88655","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.8867","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377552","reference_id":"1377552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377552"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371624?format=json","purl":"pkg:alpm/archlinux/firefox@49.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}],"aliases":["CVE-2016-5270"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8f3-t842-8bfc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1"}