{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","type":"deb","namespace":"debian","name":"firefox","version":"46.0-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"47.0-1","latest_non_vulnerable_version":"150.0.3-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-6xgq-h4jf-sya9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808","reference_id":"","reference_type":"","scores":[{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71778","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71656","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71691","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71723","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.7172","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71542","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71582","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71616","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71626","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71612","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71662","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71666","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71671","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286","reference_id":"1330286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808","reference_id":"CVE-2016-2808","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47","reference_id":"mfsa2016-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2808"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xgq-h4jf-sya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56672?format=json","vulnerability_id":"VCID-de4g-6sjv-6ugg","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62122","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62026","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62088","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62042","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6207","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62027","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62016","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61995","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62038","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62043","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62025","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62032","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61977","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287","reference_id":"1330287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48","reference_id":"mfsa2016-48","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2820"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-de4g-6sjv-6ugg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56660?format=json","vulnerability_id":"VCID-fvp8-grcg-27d3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70554","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70307","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70475","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70507","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70476","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70503","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.7032","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70398","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70411","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.7042","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70401","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70452","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70461","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70436","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261776","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277","reference_id":"1330277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812","reference_id":"CVE-2016-2812","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2812","reference_id":"CVE-2016-2812","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2812"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2812"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvp8-grcg-27d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56657?format=json","vulnerability_id":"VCID-gbsw-gmc4-uqad","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811","reference_id":"","reference_type":"","scores":[{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82648","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82667","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82489","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82485","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82538","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.8257","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82591","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82607","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82627","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275","reference_id":"1330275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2811"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gbsw-gmc4-uqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-mupu-c1j2-xkgs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82803","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82824","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82837","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.8272","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82747","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82756","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82782","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3601","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3601"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270","reference_id":"1330270","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2806"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mupu-c1j2-xkgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56670?format=json","vulnerability_id":"VCID-p365-j5gq-4uct","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47798","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47811","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47736","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47803","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47825","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47767","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47819","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47872","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47933","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47927","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47821","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282","reference_id":"1330282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45","reference_id":"mfsa2016-45","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2816"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p365-j5gq-4uct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-qwc9-da7w-4kdr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804","reference_id":"","reference_type":"","scores":[{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76442","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76184","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76369","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.7639","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76378","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76393","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76234","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76247","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76288","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76292","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76275","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76313","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.7632","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76332","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.7634","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1141382","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1141382"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1155328","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1155328"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229855","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229855"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240880","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240880"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249183","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249183"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255298","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255298"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260","reference_id":"1330260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804","reference_id":"CVE-2016-2804","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2804","reference_id":"CVE-2016-2804","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2804"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwc9-da7w-4kdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56671?format=json","vulnerability_id":"VCID-sp11-eqxh-t3gw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60802","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60696","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60754","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60714","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60741","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60643","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60663","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60679","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60689","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60711","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60717","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60702","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60692","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60649","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285","reference_id":"1330285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46","reference_id":"mfsa2016-46","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2817"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp11-eqxh-t3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-va3j-erp3-3ugy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82803","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82824","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82837","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.8272","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82747","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82756","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82782","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271","reference_id":"1330271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807","reference_id":"CVE-2016-2807","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2807"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56668?format=json","vulnerability_id":"VCID-vnh1-1r8e-efcd","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814","reference_id":"","reference_type":"","scores":[{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8437","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84126","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84305","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84321","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8432","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84337","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84139","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84159","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84181","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84218","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84219","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84223","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84247","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84256","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8426","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84279","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280","reference_id":"1330280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814","reference_id":"CVE-2016-2814","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44","reference_id":"mfsa2016-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582964?format=json","purl":"pkg:deb/debian/firefox@46.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2016-2814"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnh1-1r8e-efcd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@46.0-1%3Fdistro=sid"}