{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","type":"ebuild","namespace":"www-client","name":"firefox-bin","version":"45.6.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"45.7.0","latest_non_vulnerable_version":"137.0.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56761?format=json","vulnerability_id":"VCID-1tcx-3zn1-ykdq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9904","reference_id":"","reference_type":"","scores":[{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78845","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78871","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78833","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01192","scoring_system":"epss","scoring_elements":"0.78804","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9904"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317936","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404091","reference_id":"1404091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404091"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9904","reference_id":"CVE-2016-9904","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9904"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9904"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tcx-3zn1-ykdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-1w8j-w2rh-hqdf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809","reference_id":"","reference_type":"","scores":[{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60036","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59911","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60034","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60068","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59988","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59984","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212939","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212939"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-40.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-40.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272","reference_id":"1330272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809","reference_id":"CVE-2016-2809","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2809","reference_id":"CVE-2016-2809","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2809"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40","reference_id":"mfsa2016-40","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2809"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1w8j-w2rh-hqdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56727?format=json","vulnerability_id":"VCID-2j27-84u7-83ak","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5276.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5276.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5276","reference_id":"","reference_type":"","scores":[{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83333","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83348","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83269","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.83285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01919","scoring_system":"epss","scoring_elements":"0.833","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377557","reference_id":"1377557","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377557"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5276"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j27-84u7-83ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56754?format=json","vulnerability_id":"VCID-2ptm-gx1p-uyhf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9897","reference_id":"","reference_type":"","scores":[{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88361","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88298","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88344","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88325","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.88306","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0395","scoring_system":"epss","scoring_elements":"0.8832","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9897"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1301381","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1301381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404087","reference_id":"1404087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404087"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9897","reference_id":"CVE-2016-9897","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9897"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9897"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ptm-gx1p-uyhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56759?format=json","vulnerability_id":"VCID-2xe3-59tz-zbc3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9901","reference_id":"","reference_type":"","scores":[{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83759","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83762","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83786","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83808","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83801","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83731","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0203","scoring_system":"epss","scoring_elements":"0.83744","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9901"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1320057","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1320057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404358","reference_id":"1404358","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404358"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9901","reference_id":"CVE-2016-9901","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9901"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9901"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xe3-59tz-zbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56746?format=json","vulnerability_id":"VCID-3dea-vjmc-b7eb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5297","reference_id":"","reference_type":"","scores":[{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.8286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82825","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01818","scoring_system":"epss","scoring_elements":"0.82812","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5297"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303678","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395058","reference_id":"1395058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395058"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5297","reference_id":"CVE-2016-5297","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5297"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5297"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3dea-vjmc-b7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56755?format=json","vulnerability_id":"VCID-4d2q-usge-77ft","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9898","reference_id":"","reference_type":"","scores":[{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.8555","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85629","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85605","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85585","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.8558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02604","scoring_system":"epss","scoring_elements":"0.85562","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9898"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1314442","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1314442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404089","reference_id":"1404089","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404089"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9898","reference_id":"CVE-2016-9898","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9898"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9898"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4d2q-usge-77ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56723?format=json","vulnerability_id":"VCID-4xud-hwda-pyhw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5272.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5272.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5272","reference_id":"","reference_type":"","scores":[{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68834","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68819","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68723","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68742","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68762","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68741","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377554","reference_id":"1377554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377554"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5272"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4xud-hwda-pyhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56742?format=json","vulnerability_id":"VCID-545u-wnrj-z3dh","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5291","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10895","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10918","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10951","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1095","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10822","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10932","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5291"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292159","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395065","reference_id":"1395065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395065"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5291","reference_id":"CVE-2016-5291","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:N/A:N"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5291"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5291"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-545u-wnrj-z3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56753?format=json","vulnerability_id":"VCID-5dyh-s3yd-vqes","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9895","reference_id":"","reference_type":"","scores":[{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.7222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72161","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72213","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72164","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72166","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9895"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312272","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404086","reference_id":"1404086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404086"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9895","reference_id":"CVE-2016-9895","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9895"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9895"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dyh-s3yd-vqes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-6xgq-h4jf-sya9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808","reference_id":"","reference_type":"","scores":[{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71582","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71616","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71542","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286","reference_id":"1330286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808","reference_id":"CVE-2016-2808","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47","reference_id":"mfsa2016-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2808"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xgq-h4jf-sya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56688?format=json","vulnerability_id":"VCID-7kf6-5a92-hfhk","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5252.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5252","reference_id":"","reference_type":"","scores":[{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80807","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.8086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80869","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80816","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80837","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80833","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5252"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268854","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268854"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-67.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-67.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361979","reference_id":"1361979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361979"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5252","reference_id":"CVE-2016-5252","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5252"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5252","reference_id":"CVE-2016-5252","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5252"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-67","reference_id":"mfsa2016-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-67"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5252"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kf6-5a92-hfhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56700?format=json","vulnerability_id":"VCID-8dmy-qa26-rbha","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5258.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5258.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5258","reference_id":"","reference_type":"","scores":[{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78001","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78057","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78021","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78047","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78061","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78009","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01101","scoring_system":"epss","scoring_elements":"0.78038","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5258"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1279146","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1279146"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-72.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-72.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361982","reference_id":"1361982","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361982"},{"reference_url":"https://security.archlinux.org/AVG-935","reference_id":"AVG-935","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-935"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5258","reference_id":"CVE-2016-5258","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5258"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5258","reference_id":"CVE-2016-5258","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5258"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-72","reference_id":"mfsa2016-72","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-72"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5258"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dmy-qa26-rbha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56708?format=json","vulnerability_id":"VCID-8xz8-qent-zkav","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5260","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6962","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69558","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69574","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69553","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69604","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5260"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280294","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280294"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-74.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-74.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361985","reference_id":"1361985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361985"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260","reference_id":"CVE-2016-5260","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5260","reference_id":"CVE-2016-5260","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5260"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-74","reference_id":"mfsa2016-74","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-74"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5260"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xz8-qent-zkav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56680?format=json","vulnerability_id":"VCID-8y7u-dhmg-j3ch","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2838.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2838","reference_id":"","reference_type":"","scores":[{"value":"0.00853","scoring_system":"epss","scoring_elements":"0.74883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00853","scoring_system":"epss","scoring_elements":"0.74882","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00853","scoring_system":"epss","scoring_elements":"0.74912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78505","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78531","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01155","scoring_system":"epss","scoring_elements":"0.78562","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2838"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1279814","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1279814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-64.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-64.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361976","reference_id":"1361976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361976"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2838","reference_id":"CVE-2016-2838","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2838"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2838","reference_id":"CVE-2016-2838","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2838"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-64","reference_id":"mfsa2016-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-64"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2838"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8y7u-dhmg-j3ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56712?format=json","vulnerability_id":"VCID-935y-sfuq-qqgh","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5263.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5263","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71481","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71521","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71519","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71531","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71489","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71505","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.71479","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5263"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1276897","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1276897"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-78.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-78.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361991","reference_id":"1361991","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361991"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5263","reference_id":"CVE-2016-5263","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5263","reference_id":"CVE-2016-5263","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5263"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-78","reference_id":"mfsa2016-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-78"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5263"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-935y-sfuq-qqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56720?format=json","vulnerability_id":"VCID-9fxa-6w88-y3h4","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5268","reference_id":"","reference_type":"","scores":[{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63248","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63333","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63352","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63369","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63387","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.6337","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63307","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.633","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5268"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253673","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253673"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-83.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-83.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361996","reference_id":"1361996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361996"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268","reference_id":"CVE-2016-5268","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5268","reference_id":"CVE-2016-5268","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5268"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-83","reference_id":"mfsa2016-83","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-83"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5268"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fxa-6w88-y3h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50400?format=json","vulnerability_id":"VCID-avw6-7aqv-hbaa","summary":"Multiple vulnerabilities have been found in Mozilla SeaMonkey, the\n    worst of which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2843.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2843.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2850.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2850.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9079","reference_id":"","reference_type":"","scores":[{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.9934","published_at":"2026-04-09T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99336","published_at":"2026-04-02T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99339","published_at":"2026-04-07T12:55:00Z"},{"value":"0.84813","scoring_system":"epss","scoring_elements":"0.99335","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9079"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321066","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.exploit-db.com/exploits/41151/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.exploit-db.com/exploits/41151/"},{"reference_url":"https://www.exploit-db.com/exploits/42327/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.exploit-db.com/exploits/42327/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-92/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2016-92/"},{"reference_url":"http://www.securityfocus.com/bid/94591","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://www.securityfocus.com/bid/94591"},{"reference_url":"http://www.securitytracker.com/id/1037370","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"http://www.securitytracker.com/id/1037370"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400376","reference_id":"1400376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400376"},{"reference_url":"https://security.archlinux.org/ASA-201612-1","reference_id":"ASA-201612-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-1"},{"reference_url":"https://security.archlinux.org/ASA-201612-2","reference_id":"ASA-201612-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-2"},{"reference_url":"https://security.archlinux.org/AVG-90","reference_id":"AVG-90","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-90"},{"reference_url":"https://security.archlinux.org/AVG-91","reference_id":"AVG-91","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-91"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb","reference_id":"CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb","reference_id":"CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9079","reference_id":"CVE-2016-9079","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9079"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html","reference_id":"CVE-2017-5375;CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html"},{"reference_url":"https://rh0dev.github.io/blog/2017/the-return-of-the-jit/","reference_id":"CVE-2017-5375;CVE-2016-9079","reference_type":"exploit","scores":[],"url":"https://rh0dev.github.io/blog/2017/the-return-of-the-jit/"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://security.gentoo.org/glsa/201701-35","reference_id":"GLSA-201701-35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/"}],"url":"https://security.gentoo.org/glsa/201701-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-92","reference_id":"mfsa2016-92","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-92"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2843","reference_id":"RHSA-2016:2843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2850","reference_id":"RHSA-2016:2850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2850"},{"reference_url":"https://usn.ubuntu.com/3140-1/","reference_id":"USN-3140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3140-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9079"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avw6-7aqv-hbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56705?format=json","vulnerability_id":"VCID-b4dv-raac-tkf1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5259.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5259.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5259","reference_id":"","reference_type":"","scores":[{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78434","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78485","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7848","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78486","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78511","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78492","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7847","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78454","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5259"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282992","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282992"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-73.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-73.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361984","reference_id":"1361984","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361984"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5259","reference_id":"CVE-2016-5259","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5259"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5259","reference_id":"CVE-2016-5259","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5259"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-73","reference_id":"mfsa2016-73","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-73"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5259"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4dv-raac-tkf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56674?format=json","vulnerability_id":"VCID-b65s-fwk5-gkbs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2827","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63459","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63519","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6351","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63579","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6358","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2827"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377660","reference_id":"1377660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377660"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b65s-fwk5-gkbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56716?format=json","vulnerability_id":"VCID-bb61-y349-fqgx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5266","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62334","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62441","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62463","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62423","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62389","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5266"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1226977","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1226977"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-81.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-81.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361995","reference_id":"1361995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361995"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266","reference_id":"CVE-2016-5266","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5266","reference_id":"CVE-2016-5266","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5266"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-81","reference_id":"mfsa2016-81","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-81"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5266"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bb61-y349-fqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56711?format=json","vulnerability_id":"VCID-c2kz-qw3v-eqbz","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5262.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5262","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52598","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52684","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52679","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52729","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52712","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52641","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52668","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52634","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5262"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1277475","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1277475"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-76.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-76.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361987","reference_id":"1361987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361987"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5262","reference_id":"CVE-2016-5262","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5262"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5262","reference_id":"CVE-2016-5262","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5262"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-76","reference_id":"mfsa2016-76","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-76"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5262"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2kz-qw3v-eqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56696?format=json","vulnerability_id":"VCID-c3ex-zw8a-6bcy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75768","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75784","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75721","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543","reference_id":"1377543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377543"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1985","reference_id":"RHSA-2016:1985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1985"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5257"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3ex-zw8a-6bcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56689?format=json","vulnerability_id":"VCID-d9dm-aww1-pfbm","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5253","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18272","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18324","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18325","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18278","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18423","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18186","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1827","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5253"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246944","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246944"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-69.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-69.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253","reference_id":"CVE-2016-5253","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5253","reference_id":"CVE-2016-5253","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:C/A:N"},{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5253"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-69","reference_id":"mfsa2016-69","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5253"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9dm-aww1-pfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56678?format=json","vulnerability_id":"VCID-d9z7-npfz-53a8","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2837.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2837","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60463","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60587","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.606","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60608","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60539","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60565","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60534","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2837"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1274637","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1274637"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-77.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-77.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"http://www.zerodayinitiative.com/advisories/ZDI-16-673","reference_id":"","reference_type":"","scores":[],"url":"http://www.zerodayinitiative.com/advisories/ZDI-16-673"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361989","reference_id":"1361989","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361989"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2837","reference_id":"CVE-2016-2837","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2837"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2837","reference_id":"CVE-2016-2837","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2837"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-77","reference_id":"mfsa2016-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-77"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2837"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9z7-npfz-53a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56672?format=json","vulnerability_id":"VCID-de4g-6sjv-6ugg","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61995","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62027","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62016","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287","reference_id":"1330287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48","reference_id":"mfsa2016-48","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2820"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-de4g-6sjv-6ugg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56728?format=json","vulnerability_id":"VCID-dvcv-fgk6-buet","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5277.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5277.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5277","reference_id":"","reference_type":"","scores":[{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.8461","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84543","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84568","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377559","reference_id":"1377559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377559"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5277"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvcv-fgk6-buet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56663?format=json","vulnerability_id":"VCID-dyn7-63ve-37at","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://dl.acm.org/citation.cfm?id=2714650","reference_id":"","reference_type":"","scores":[],"url":"http://dl.acm.org/citation.cfm?id=2714650"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64578","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64617","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1197901","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1197901"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-43.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-43.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278","reference_id":"1330278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813","reference_id":"CVE-2016-2813","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2813","reference_id":"CVE-2016-2813","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2813"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43","reference_id":"mfsa2016-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2813"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyn7-63ve-37at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56725?format=json","vulnerability_id":"VCID-e4mx-ww79-1bau","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5274.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5274","reference_id":"","reference_type":"","scores":[{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85057","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.8508","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02405","scoring_system":"epss","scoring_elements":"0.85035","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377558","reference_id":"1377558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377558"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5274"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4mx-ww79-1bau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56713?format=json","vulnerability_id":"VCID-eh1p-amew-hydf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5264.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5264.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5264","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77062","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77112","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77096","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77079","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5264"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1286183","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1286183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-79.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-79.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361992","reference_id":"1361992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361992"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5264","reference_id":"CVE-2016-5264","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5264"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5264","reference_id":"CVE-2016-5264","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5264"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-79","reference_id":"mfsa2016-79","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-79"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5264"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eh1p-amew-hydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56751?format=json","vulnerability_id":"VCID-ekxy-vaed-u7cg","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9074","reference_id":"","reference_type":"","scores":[{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79074","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.7909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79115","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79101","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79041","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01221","scoring_system":"epss","scoring_elements":"0.79047","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9074"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293334","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94341","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94341"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396548","reference_id":"1396548","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396548"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9074","reference_id":"CVE-2016-9074","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9074"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://security.gentoo.org/glsa/201701-46","reference_id":"GLSA-201701-46","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-46"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://usn.ubuntu.com/3163-1/","reference_id":"USN-3163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9074"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ekxy-vaed-u7cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56709?format=json","vulnerability_id":"VCID-emmz-dq8m-sfct","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1912.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1912.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5261.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5261.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5261","reference_id":"","reference_type":"","scores":[{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75045","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75009","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75054","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75077","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75056","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75001","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75004","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75033","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5261"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1287266","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1287266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-86/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-86/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3674","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3674"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-75.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-75.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361986","reference_id":"1361986","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361986"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5261","reference_id":"CVE-2016-5261","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5261"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5261","reference_id":"CVE-2016-5261","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5261"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-75","reference_id":"mfsa2016-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-75"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5261"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emmz-dq8m-sfct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56760?format=json","vulnerability_id":"VCID-fgnu-kh7z-xuau","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9902","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61387","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61368","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61384","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.614","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61421","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61406","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61259","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61339","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9902"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1320039","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1320039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404359","reference_id":"1404359","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404359"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9902","reference_id":"CVE-2016-9902","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9902"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9902"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnu-kh7z-xuau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56675?format=json","vulnerability_id":"VCID-fqmm-499j-nyc3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2830.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2830.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2830","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68115","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68137","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68162","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68094","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68071","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2830"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255270","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255270"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-63.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-63.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342897","reference_id":"1342897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342897"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830","reference_id":"CVE-2016-2830","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2830","reference_id":"CVE-2016-2830","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2830"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-63","reference_id":"mfsa2016-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-63"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2830"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqmm-499j-nyc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56660?format=json","vulnerability_id":"VCID-fvp8-grcg-27d3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70307","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70398","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.7032","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70314","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261776","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277","reference_id":"1330277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812","reference_id":"CVE-2016-2812","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2812","reference_id":"CVE-2016-2812","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2812"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2812"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvp8-grcg-27d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56657?format=json","vulnerability_id":"VCID-gbsw-gmc4-uqad","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811","reference_id":"","reference_type":"","scores":[{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82538","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82489","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82485","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275","reference_id":"1330275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2811"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gbsw-gmc4-uqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56693?format=json","vulnerability_id":"VCID-gqbc-wbhs-4bbx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256","reference_id":"","reference_type":"","scores":[{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82266","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82335","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82347","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82341","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82298","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.8232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82327","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666","reference_id":"1377666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5256"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqbc-wbhs-4bbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56681?format=json","vulnerability_id":"VCID-gu5n-35b2-a3am","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2839","reference_id":"","reference_type":"","scores":[{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73044","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73096","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73102","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73053","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73074","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73048","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2839"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1275339","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1275339"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-65.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-65.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361977","reference_id":"1361977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839","reference_id":"CVE-2016-2839","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2839","reference_id":"CVE-2016-2839","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2839"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-65","reference_id":"mfsa2016-65","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-65"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2839"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu5n-35b2-a3am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-j2ga-ggcd-fkg1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805","reference_id":"","reference_type":"","scores":[{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75924","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75988","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.7596","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.75939","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1241731","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1241731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266","reference_id":"1330266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2805","reference_id":"CVE-2016-2805","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2805"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2805"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ga-ggcd-fkg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56744?format=json","vulnerability_id":"VCID-jxq3-3gzd-yycp","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5294","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21813","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21766","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21843","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2187","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21782","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22001","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5294"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246972","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246972"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5294","reference_id":"CVE-2016-5294","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5294"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5294"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxq3-3gzd-yycp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56685?format=json","vulnerability_id":"VCID-k1u4-hqjh-zbc8","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5251","reference_id":"","reference_type":"","scores":[{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67816","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67878","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.6789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.6784","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.67859","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5251"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255570","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255570"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-66.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-66.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361978","reference_id":"1361978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361978"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251","reference_id":"CVE-2016-5251","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5251","reference_id":"CVE-2016-5251","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5251"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-66","reference_id":"mfsa2016-66","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-66"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1u4-hqjh-zbc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56739?format=json","vulnerability_id":"VCID-kkp5-vwqy-abbc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5284.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5284","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67782","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6773","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6775","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377565","reference_id":"1377565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377565"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5284"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkp5-vwqy-abbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56692?format=json","vulnerability_id":"VCID-m2vr-a1ee-j7gv","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5255","reference_id":"","reference_type":"","scores":[{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77957","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78001","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78033","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78015","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77964","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.77975","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5255"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212356","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212356"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-71.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-71.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361981","reference_id":"1361981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361981"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255","reference_id":"CVE-2016-5255","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5255","reference_id":"CVE-2016-5255","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5255"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-71","reference_id":"mfsa2016-71","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-71"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5255"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2vr-a1ee-j7gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56733?format=json","vulnerability_id":"VCID-m52b-kam2-syg4","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5280.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5280.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5280","reference_id":"","reference_type":"","scores":[{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85337","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.8532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85328","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.8534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85265","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85277","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85295","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02499","scoring_system":"epss","scoring_elements":"0.85298","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377561","reference_id":"1377561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377561"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5280"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m52b-kam2-syg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56715?format=json","vulnerability_id":"VCID-mnar-hq2z-q7dc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5265.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5265.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5265","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49428","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49477","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49491","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49486","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49503","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49475","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49456","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49436","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5265"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1278013","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1278013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-80.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-80.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92258"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361994","reference_id":"1361994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5265","reference_id":"CVE-2016-5265","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5265"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5265","reference_id":"CVE-2016-5265","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5265"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-80","reference_id":"mfsa2016-80","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-80"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5265"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnar-hq2z-q7dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-mupu-c1j2-xkgs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2806"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212328"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228882"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231919"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1238592"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242668"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1242810"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251922"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1253099"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254122"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255949"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256065"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258231"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1260439"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3601","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3601"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270","reference_id":"1330270","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330270"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806","reference_id":"CVE-2016-2806","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2806"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2806"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mupu-c1j2-xkgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56670?format=json","vulnerability_id":"VCID-p365-j5gq-4uct","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47811","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47872","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47819","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282","reference_id":"1330282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45","reference_id":"mfsa2016-45","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2816"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p365-j5gq-4uct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56757?format=json","vulnerability_id":"VCID-pbrt-gcqj-kycv","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9900","reference_id":"","reference_type":"","scores":[{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77109","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77114","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77049","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77065","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77083","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77055","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9900"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319122","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404090","reference_id":"1404090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404090"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9900","reference_id":"CVE-2016-9900","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9900"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9900"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbrt-gcqj-kycv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56738?format=json","vulnerability_id":"VCID-q38n-z9wb-qufk","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50855","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50993","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50971","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50896","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50951","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670","reference_id":"1377670","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5283"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q38n-z9wb-qufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56763?format=json","vulnerability_id":"VCID-q4x5-dz5r-jqgr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9905","reference_id":"","reference_type":"","scores":[{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.7869","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78659","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78698","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78642","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78648","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01174","scoring_system":"epss","scoring_elements":"0.78679","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9905"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293985","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1293985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94884"},{"reference_url":"http://www.securitytracker.com/id/1037462","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037462"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404094","reference_id":"1404094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404094"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9905","reference_id":"CVE-2016-9905","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9905"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9905"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4x5-dz5r-jqgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56683?format=json","vulnerability_id":"VCID-qne4-76n5-4yf3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1912.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1912.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5250.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5250.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5250","reference_id":"","reference_type":"","scores":[{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67124","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67113","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67154","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67052","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67089","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5250"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254688","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-86/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-86/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-88/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-88/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3674","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3674"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-84.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-84.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361998","reference_id":"1361998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361998"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5250","reference_id":"CVE-2016-5250","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5250"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5250","reference_id":"CVE-2016-5250","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5250"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-84","reference_id":"mfsa2016-84","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-84"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5250"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qne4-76n5-4yf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56741?format=json","vulnerability_id":"VCID-qptm-f15t-57gj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2825.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2825.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5290","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83081","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5290"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94335","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94335"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395066","reference_id":"1395066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395066"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5290","reference_id":"CVE-2016-5290","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5290"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2825","reference_id":"RHSA-2016:2825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2825"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5290"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qptm-f15t-57gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56724?format=json","vulnerability_id":"VCID-qrbp-3x9q-q3g2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273","reference_id":"","reference_type":"","scores":[{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.7175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71807","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.718","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71757","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71776","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71789","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669","reference_id":"1377669","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5273"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrbp-3x9q-q3g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56737?format=json","vulnerability_id":"VCID-qrqw-p9v1-zfb2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6016","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6023","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6028","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60295","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675","reference_id":"1377675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5282"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrqw-p9v1-zfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56756?format=json","vulnerability_id":"VCID-qu91-vc1p-dyb1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9899","reference_id":"","reference_type":"","scores":[{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97117","published_at":"2026-04-12T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97089","published_at":"2026-04-01T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97112","published_at":"2026-04-09T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.36421","scoring_system":"epss","scoring_elements":"0.97101","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9899"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317409","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.exploit-db.com/exploits/41042/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/41042/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404083","reference_id":"1404083","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404083"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html","reference_id":"CVE-2016-9899","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9899","reference_id":"CVE-2016-9899","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9899"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9899"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu91-vc1p-dyb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-qwc9-da7w-4kdr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804","reference_id":"","reference_type":"","scores":[{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76184","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76234","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76247","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76222","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1141382","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1141382"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1155328","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1155328"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229855","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229855"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240880","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1240880"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249183","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249183"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255298","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255298"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260","reference_id":"1330260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804","reference_id":"CVE-2016-2804","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2804","reference_id":"CVE-2016-2804","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2804"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwc9-da7w-4kdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56676?format=json","vulnerability_id":"VCID-r8jw-hvmm-pkhs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2835","reference_id":"","reference_type":"","scores":[{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68914","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68982","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69001","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69025","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.6901","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68932","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68952","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2835"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1222101","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1222101"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251308","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1251308"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254106","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254106"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264998","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264998"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1270537","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1270537"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1275582","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1275582"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280215","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280215"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280443","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1280443"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282246","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282246"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361975","reference_id":"1361975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361975"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835","reference_id":"CVE-2016-2835","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2835","reference_id":"CVE-2016-2835","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2835"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62","reference_id":"mfsa2016-62","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2835"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8jw-hvmm-pkhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56735?format=json","vulnerability_id":"VCID-rqkq-q1x2-6fgq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5281.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5281","reference_id":"","reference_type":"","scores":[{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85482","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85491","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85505","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85503","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85427","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85439","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85459","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85462","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377563","reference_id":"1377563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377563"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5281"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqkq-q1x2-6fgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56691?format=json","vulnerability_id":"VCID-sg3s-971c-c3fy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5254.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5254.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5254","reference_id":"","reference_type":"","scores":[{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81309","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.8138","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81372","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81393","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81318","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.8134","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5254"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1266963","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1266963"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-70.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-70.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361980","reference_id":"1361980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361980"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5254","reference_id":"CVE-2016-5254","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5254"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5254","reference_id":"CVE-2016-5254","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5254"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-70","reference_id":"mfsa2016-70","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-70"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5254"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg3s-971c-c3fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56731?format=json","vulnerability_id":"VCID-sncs-nk53-jbap","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59019","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59137","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59154","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59094","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59133","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673","reference_id":"1377673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5279"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sncs-nk53-jbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56671?format=json","vulnerability_id":"VCID-sp11-eqxh-t3gw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60663","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60679","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60689","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60643","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285","reference_id":"1330285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46","reference_id":"mfsa2016-46","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2817"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp11-eqxh-t3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56747?format=json","vulnerability_id":"VCID-swmb-24y4-1kau","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9064.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9064.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9064","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50796","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50783","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50739","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50792","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50835","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50811","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50704","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50758","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303418","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1303418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395060","reference_id":"1395060","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395060"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9064","reference_id":"CVE-2016-9064","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9064"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9064"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swmb-24y4-1kau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56748?format=json","vulnerability_id":"VCID-tgya-wnfn-t7eb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9066","reference_id":"","reference_type":"","scores":[{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95568","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20609","scoring_system":"epss","scoring_elements":"0.95553","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9066"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1299686","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1299686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395061","reference_id":"1395061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395061"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9066","reference_id":"CVE-2016-9066","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9066"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9066"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgya-wnfn-t7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56729?format=json","vulnerability_id":"VCID-tsse-jnma-mbgw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5278.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5278.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5278","reference_id":"","reference_type":"","scores":[{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81058","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81082","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81069","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.80999","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81008","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.81031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01492","scoring_system":"epss","scoring_elements":"0.8103","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377549","reference_id":"1377549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377549"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5278"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsse-jnma-mbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56726?format=json","vulnerability_id":"VCID-uhct-zkhb-k3ca","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275","reference_id":"","reference_type":"","scores":[{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82198","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.8219","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82172","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.8218","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667","reference_id":"1377667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5275"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhct-zkhb-k3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56743?format=json","vulnerability_id":"VCID-umhx-zswu-kkbt","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5293","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21813","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21843","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2187","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21782","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21766","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5293"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246945","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246945"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"http://www.securityfocus.com/bid/94336","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94336"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5293","reference_id":"CVE-2016-5293","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5293"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5293"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-umhx-zswu-kkbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-va3j-erp3-3ugy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271","reference_id":"1330271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807","reference_id":"CVE-2016-2807","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2807"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56722?format=json","vulnerability_id":"VCID-vdvy-zc8w-6kbf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62519","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62553","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62542","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62468","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.625","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62467","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62518","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62534","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661","reference_id":"1377661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5271"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdvy-zc8w-6kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56668?format=json","vulnerability_id":"VCID-vnh1-1r8e-efcd","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814","reference_id":"","reference_type":"","scores":[{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84126","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84181","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84139","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84159","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280","reference_id":"1330280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814","reference_id":"CVE-2016-2814","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44","reference_id":"mfsa2016-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2814"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnh1-1r8e-efcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56651?format=json","vulnerability_id":"VCID-vzkp-7dsz-kbee","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50623","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5066","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50637","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50586","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50567","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229681","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229681"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-41.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-41.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274","reference_id":"1330274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810","reference_id":"CVE-2016-2810","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2810","reference_id":"CVE-2016-2810","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2810"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41","reference_id":"mfsa2016-41","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2810"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzkp-7dsz-kbee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56677?format=json","vulnerability_id":"VCID-wgxa-54sd-rqd6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1551.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1809.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1809.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2836","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67304","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67413","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.6734","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67363","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2836"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1154923","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1154923"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249578","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1249578"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1257765","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1257765"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258079","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1258079"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268626","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1268626"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282502","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1282502"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1283823","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1283823"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=822081","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=822081"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3640","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3640"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-62.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/92261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92261"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"http://www.ubuntu.com/usn/USN-3044-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3044-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361974","reference_id":"1361974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361974"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836","reference_id":"CVE-2016-2836","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2836","reference_id":"CVE-2016-2836","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2836"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62","reference_id":"mfsa2016-62","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1551","reference_id":"RHSA-2016:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1809","reference_id":"RHSA-2016:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1809"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"},{"reference_url":"https://usn.ubuntu.com/3073-1/","reference_id":"USN-3073-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3073-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-2836"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgxa-54sd-rqd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56745?format=json","vulnerability_id":"VCID-yegk-sgdn-z3ae","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2780.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5296","reference_id":"","reference_type":"","scores":[{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.8554","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85469","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85531","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85522","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85502","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0257","scoring_system":"epss","scoring_elements":"0.85481","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5296"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292443","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1292443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3730","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3730"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-89/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-89/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-90/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-90/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-93/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-93/"},{"reference_url":"http://www.securityfocus.com/bid/94339","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94339"},{"reference_url":"http://www.securitytracker.com/id/1037298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395055","reference_id":"1395055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395055"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5296","reference_id":"CVE-2016-5296","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5296"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2780","reference_id":"RHSA-2016:2780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2780"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"},{"reference_url":"https://usn.ubuntu.com/3141-1/","reference_id":"USN-3141-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5296"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yegk-sgdn-z3ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56752?format=json","vulnerability_id":"VCID-ysg5-wc3n-fbgw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2946.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2973.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9893","reference_id":"","reference_type":"","scores":[{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85776","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85842","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85831","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.85789","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9893"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3757"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-94/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-94/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-95/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2016-96/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2016-96/"},{"reference_url":"http://www.securityfocus.com/bid/94885","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94885"},{"reference_url":"http://www.securitytracker.com/id/1037461","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404096","reference_id":"1404096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1404096"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9893","reference_id":"CVE-2016-9893","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9893"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95","reference_id":"mfsa2016-95","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-95"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96","reference_id":"mfsa2016-96","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-96"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2946","reference_id":"RHSA-2016:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2973","reference_id":"RHSA-2016:2973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2973"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-9893"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ysg5-wc3n-fbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56717?format=json","vulnerability_id":"VCID-z86r-71n4-p7aj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5267","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58775","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58663","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58795","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58747","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58768","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58735","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5267"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1284372","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1284372"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-82.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-82.html"},{"reference_url":"http://www.securityfocus.com/bid/92260","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92260"},{"reference_url":"http://www.securitytracker.com/id/1036508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036508"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267","reference_id":"CVE-2016-5267","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5267","reference_id":"CVE-2016-5267","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5267"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-82","reference_id":"mfsa2016-82","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-82"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5267"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z86r-71n4-p7aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56721?format=json","vulnerability_id":"VCID-z8f3-t842-8bfc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5270.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5270","reference_id":"","reference_type":"","scores":[{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88647","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88619","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88638","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88654","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88601","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04132","scoring_system":"epss","scoring_elements":"0.88618","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377552","reference_id":"1377552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377552"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86","reference_id":"mfsa2016-86","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-86"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88","reference_id":"mfsa2016-88","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1912","reference_id":"RHSA-2016:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1912"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"},{"reference_url":"https://usn.ubuntu.com/3112-1/","reference_id":"USN-3112-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3112-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83124?format=json","purl":"pkg:ebuild/www-client/firefox-bin@45.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}],"aliases":["CVE-2016-5270"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8f3-t842-8bfc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0"}