{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","type":"mozilla","namespace":"","name":"Firefox","version":"46.0.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"47.0.0","latest_non_vulnerable_version":"150.0.3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-1w8j-w2rh-hqdf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809","reference_id":"","reference_type":"","scores":[{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60049","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59911","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60093","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60066","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60107","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59988","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60034","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60068","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60036","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60075","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60081","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60038","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60043","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60002","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63644","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63635","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212939","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1212939"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-40.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-40.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272","reference_id":"1330272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809","reference_id":"CVE-2016-2809","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2809","reference_id":"CVE-2016-2809","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2809"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40","reference_id":"mfsa2016-40","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2809"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1w8j-w2rh-hqdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-6xgq-h4jf-sya9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808","reference_id":"","reference_type":"","scores":[{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71787","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71691","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71723","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.7172","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71778","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71542","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71582","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71616","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71626","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71612","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71662","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71666","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71671","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71656","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2808"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1246061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-47.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286","reference_id":"1330286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330286"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808","reference_id":"CVE-2016-2808","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2808"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47","reference_id":"mfsa2016-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2808"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xgq-h4jf-sya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56672?format=json","vulnerability_id":"VCID-de4g-6sjv-6ugg","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62137","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62088","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62042","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6207","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62122","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62027","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62016","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61995","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62038","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62043","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62025","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62032","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61977","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62026","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=870870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-48.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287","reference_id":"1330287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2820"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48","reference_id":"mfsa2016-48","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2820"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-de4g-6sjv-6ugg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56663?format=json","vulnerability_id":"VCID-dyn7-63ve-37at","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://dl.acm.org/citation.cfm?id=2714650","reference_id":"","reference_type":"","scores":[],"url":"http://dl.acm.org/citation.cfm?id=2714650"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64848","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64578","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64792","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64763","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64784","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64839","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64617","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64694","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64706","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64692","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64712","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64724","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64722","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64748","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1197901","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1197901"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-43.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-43.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278","reference_id":"1330278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813","reference_id":"CVE-2016-2813","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2813","reference_id":"CVE-2016-2813","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2813"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43","reference_id":"mfsa2016-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2813"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyn7-63ve-37at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56657?format=json","vulnerability_id":"VCID-gbsw-gmc4-uqad","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811","reference_id":"","reference_type":"","scores":[{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82731","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82667","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82489","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82485","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82519","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82538","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.8257","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82591","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82607","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82627","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82648","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-42.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275","reference_id":"1330275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2811"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2811"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gbsw-gmc4-uqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56670?format=json","vulnerability_id":"VCID-p365-j5gq-4uct","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47889","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47811","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47803","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47825","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47767","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47798","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47819","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47872","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47933","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47927","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47821","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47736","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-45.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282","reference_id":"1330282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2816"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45","reference_id":"mfsa2016-45","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2816"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p365-j5gq-4uct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56671?format=json","vulnerability_id":"VCID-sp11-eqxh-t3gw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60813","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60754","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60714","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60741","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60802","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60643","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60663","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60679","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60689","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60711","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60717","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60702","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60692","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60696","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1227462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-46.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285","reference_id":"1330285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2817"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46","reference_id":"mfsa2016-46","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2817"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp11-eqxh-t3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-va3j-erp3-3ugy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82884","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82824","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82837","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82646","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82642","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.8272","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82747","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82756","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82782","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.82803","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1187420"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1252707"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254164"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254622"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.debian.org/security/2016/dsa-3576","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3576"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271","reference_id":"1330271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330271"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807","reference_id":"CVE-2016-2807","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2807"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2807"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56668?format=json","vulnerability_id":"VCID-vnh1-1r8e-efcd","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0695.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814","reference_id":"","reference_type":"","scores":[{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84379","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84126","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84321","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8432","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84337","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8437","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84139","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84159","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84181","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84218","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84219","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84223","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84247","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84256","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8426","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84279","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84305","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2814"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1254721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3559","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3559"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-44.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2936-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2936-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280","reference_id":"1330280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330280"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814","reference_id":"CVE-2016-2814","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2814"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44","reference_id":"mfsa2016-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2814"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnh1-1r8e-efcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56651?format=json","vulnerability_id":"VCID-vzkp-7dsz-kbee","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5064","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50566","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5052","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5055","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50627","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50586","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50567","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5066","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50637","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50623","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5067","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50649","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50605","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50559","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50536","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229681","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1229681"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-41.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-41.html"},{"reference_url":"http://www.securitytracker.com/id/1035692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274","reference_id":"1330274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810","reference_id":"CVE-2016-2810","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2810","reference_id":"CVE-2016-2810","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2810"},{"reference_url":"https://security.gentoo.org/glsa/201701-15","reference_id":"GLSA-201701-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41","reference_id":"mfsa2016-41","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86473?format=json","purl":"pkg:mozilla/Firefox@46.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}],"aliases":["CVE-2016-2810"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzkp-7dsz-kbee"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@46.0.0"}