{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","type":"mozilla","namespace":"","name":"Firefox","version":"44.0.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"44.0.2","latest_non_vulnerable_version":"150.0.3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51733?format=json","vulnerability_id":"VCID-2ms8-y2zb-wuhk","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1948","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44364","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44469","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44332","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44266","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44297","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44561","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.445","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44555","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44572","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44542","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44543","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44599","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44591","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44522","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44442","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44361","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44238","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44315","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1948"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1235876","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1235876"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-12.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-12.html"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1948","reference_id":"CVE-2016-1948","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1948"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1948","reference_id":"CVE-2016-1948","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1948"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-12","reference_id":"mfsa2016-12","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1948"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ms8-y2zb-wuhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51723?format=json","vulnerability_id":"VCID-9mux-fuyc-a7dx","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1938","reference_id":"","reference_type":"","scores":[{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77706","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77455","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77653","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77641","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77659","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77461","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77486","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77467","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77497","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77532","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77516","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77513","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77552","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77549","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77541","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77577","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77583","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77598","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77606","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77635","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1938"},{"reference_url":"https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html","reference_id":"","reference_type":"","scores":[],"url":"https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1190248","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1190248"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1194947","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1194947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes","reference_id":"","reference_type":"","scores":[],"url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"},{"reference_url":"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c"},{"reference_url":"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c"},{"reference_url":"https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c","reference_id":"","reference_type":"","scores":[],"url":"https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c"},{"reference_url":"http://www.debian.org/security/2016/dsa-3688","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3688"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-07.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-07.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.securityfocus.com/bid/81955","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81955"},{"reference_url":"http://www.securityfocus.com/bid/91787","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91787"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2903-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2903-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2903-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2903-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1305159","reference_id":"1305159","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1305159"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938","reference_id":"CVE-2016-1938","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1938","reference_id":"CVE-2016-1938","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1938"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://security.gentoo.org/glsa/201701-46","reference_id":"GLSA-201701-46","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-46"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-07","reference_id":"mfsa2016-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-07"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"},{"reference_url":"https://usn.ubuntu.com/2903-1/","reference_id":"USN-2903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2903-1/"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1938"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mux-fuyc-a7dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51726?format=json","vulnerability_id":"VCID-cmd5-hzau-9bb1","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1941","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48079","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48008","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4803","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47975","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48005","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48067","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48016","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48063","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48127","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48122","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48078","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4806","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48071","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48019","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47938","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48006","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1941"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1116385","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1116385"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-08.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-08.html"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1941","reference_id":"CVE-2016-1941","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1941"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1941","reference_id":"CVE-2016-1941","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1941"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-08","reference_id":"mfsa2016-08","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1941"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmd5-hzau-9bb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51722?format=json","vulnerability_id":"VCID-ezh3-6eqd-q3eb","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1937.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1937","reference_id":"","reference_type":"","scores":[{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57736","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57556","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.5764","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57668","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57641","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57663","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57638","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57693","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.5769","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.5767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57699","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57695","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57674","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57632","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57651","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.5763","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1937"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=724353","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=724353"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-06.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-06.html"},{"reference_url":"http://www.securityfocus.com/bid/81957","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81957"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301823","reference_id":"1301823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301823"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1937","reference_id":"CVE-2016-1937","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1937"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1937","reference_id":"CVE-2016-1937","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1937"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-06","reference_id":"mfsa2016-06","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-06"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1937"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezh3-6eqd-q3eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51725?format=json","vulnerability_id":"VCID-fjdm-u6fm-y7eq","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1940","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55375","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55204","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55328","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5529","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55314","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55303","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55327","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55309","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55359","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55371","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55349","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55331","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55367","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55287","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55307","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5528","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55229","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55272","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1940"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1208525","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1208525"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-05.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-05.html"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1940","reference_id":"CVE-2016-1940","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1940"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1940","reference_id":"CVE-2016-1940","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1940"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-05","reference_id":"mfsa2016-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1940"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjdm-u6fm-y7eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51728?format=json","vulnerability_id":"VCID-gb42-43gw-pygv","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1943.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1943.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1943","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68345","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68258","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68286","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68125","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68169","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.6818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68185","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68222","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68231","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68211","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68256","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1943"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228590","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1228590"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-09.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-09.html"},{"reference_url":"http://www.securityfocus.com/bid/81948","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81948"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301827","reference_id":"1301827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301827"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1943","reference_id":"CVE-2016-1943","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1943"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1943","reference_id":"CVE-2016-1943","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1943"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-09","reference_id":"mfsa2016-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1943"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gb42-43gw-pygv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51721?format=json","vulnerability_id":"VCID-k4qs-aaqm-eucb","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0071.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0071.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0258.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0258.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1935.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1935","reference_id":"","reference_type":"","scores":[{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64171","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63919","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64078","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64124","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64091","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64117","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63977","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64005","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63965","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64015","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6403","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64001","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64036","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64035","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64054","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64067","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64064","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64033","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1935"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1220450","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1220450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3457","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3457"},{"reference_url":"http://www.debian.org/security/2016/dsa-3491","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3491"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-03.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-03.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/81952","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81952"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2904-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2904-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301821","reference_id":"1301821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301821"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1935","reference_id":"CVE-2016-1935","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1935"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-03","reference_id":"mfsa2016-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0071","reference_id":"RHSA-2016:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0258","reference_id":"RHSA-2016:0258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0258"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"},{"reference_url":"https://usn.ubuntu.com/2904-1/","reference_id":"USN-2904-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2904-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1935"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4qs-aaqm-eucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51720?format=json","vulnerability_id":"VCID-kdyn-9bn6-ebgz","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1933.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1933","reference_id":"","reference_type":"","scores":[{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73804","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73581","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73759","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73722","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73745","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.7359","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73586","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73622","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73635","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.7364","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73631","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73675","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73684","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73708","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73718","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73719","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73711","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00777","scoring_system":"epss","scoring_elements":"0.73736","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1933"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231761","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1231761"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-02.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-02.html"},{"reference_url":"http://www.securityfocus.com/bid/81956","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81956"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301820","reference_id":"1301820","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301820"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1933","reference_id":"CVE-2016-1933","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1933"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1933","reference_id":"CVE-2016-1933","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1933"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-02","reference_id":"mfsa2016-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-02"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1933"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdyn-9bn6-ebgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51729?format=json","vulnerability_id":"VCID-mqbr-btgy-aygy","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1944.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1944.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1944","reference_id":"","reference_type":"","scores":[{"value":"0.021","scoring_system":"epss","scoring_elements":"0.84233","published_at":"2026-05-14T12:55:00Z"},{"value":"0.021","scoring_system":"epss","scoring_elements":"0.84183","published_at":"2026-05-11T12:55:00Z"},{"value":"0.021","scoring_system":"epss","scoring_elements":"0.84201","published_at":"2026-05-12T12:55:00Z"},{"value":"0.021","scoring_system":"epss","scoring_elements":"0.84184","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86129","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86149","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.8616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86174","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86172","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86185","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86191","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86204","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86214","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86233","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86253","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86169","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.86114","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02826","scoring_system":"epss","scoring_elements":"0.8613","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1944"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1186621","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1186621"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-10.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-10.html"},{"reference_url":"http://www.securityfocus.com/bid/81950","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81950"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301825","reference_id":"1301825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301825"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1944","reference_id":"CVE-2016-1944","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1944"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1944","reference_id":"CVE-2016-1944","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1944"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-10","reference_id":"mfsa2016-10","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-10"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1944"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqbr-btgy-aygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51718?format=json","vulnerability_id":"VCID-my4s-k6en-qkc2","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0071.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0071.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0258.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0258.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1930.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1930","reference_id":"","reference_type":"","scores":[{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83242","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.8298","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83169","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.8319","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83207","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.82996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.8301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83008","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83032","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83039","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83049","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83083","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83086","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83109","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83116","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0186","scoring_system":"epss","scoring_elements":"0.83147","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1930"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1221385","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1221385"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223670","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223670"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1224200","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1224200"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230483","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230483"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230639","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230639"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230668","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230668"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230686","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1230686"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233152","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233152"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233346","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233346"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233925","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233925"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234280","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234280"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234571","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935"},{"reference_url":"http://www.debian.org/security/2016/dsa-3457","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3457"},{"reference_url":"http://www.debian.org/security/2016/dsa-3491","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3491"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-01.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-01.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/81953","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81953"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2904-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2904-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301818","reference_id":"1301818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301818"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1930","reference_id":"CVE-2016-1930","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1930"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-01","reference_id":"mfsa2016-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0071","reference_id":"RHSA-2016:0071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0258","reference_id":"RHSA-2016:0258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0258"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"},{"reference_url":"https://usn.ubuntu.com/2904-1/","reference_id":"USN-2904-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2904-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1930"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-my4s-k6en-qkc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51724?format=json","vulnerability_id":"VCID-p728-2nbz-cfbh","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1939.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1939","reference_id":"","reference_type":"","scores":[{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69139","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68878","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69096","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69064","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69088","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68916","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68896","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68946","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68965","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68973","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68985","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68995","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69026","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69033","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69039","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69063","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1939"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233784","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1233784"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-04.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-04.html"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301822","reference_id":"1301822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301822"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1939","reference_id":"CVE-2016-1939","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1939"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1939","reference_id":"CVE-2016-1939","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1939"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-04","reference_id":"mfsa2016-04","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-04"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1939"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p728-2nbz-cfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51732?format=json","vulnerability_id":"VCID-pgxa-jsvb-73cf","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1947.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1947","reference_id":"","reference_type":"","scores":[{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68773","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68764","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68739","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68626","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68644","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68669","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68656","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68665","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68677","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68705","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.6871","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68716","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68737","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69573","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1947"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1237103","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1237103"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-11.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-11.html"},{"reference_url":"http://www.securityfocus.com/bid/81949","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81949"},{"reference_url":"http://www.securitytracker.com/id/1034825","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034825"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2880-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2880-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301826","reference_id":"1301826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301826"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1947","reference_id":"CVE-2016-1947","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1947"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1947","reference_id":"CVE-2016-1947","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1947"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-11","reference_id":"mfsa2016-11","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-11"},{"reference_url":"https://usn.ubuntu.com/2880-1/","reference_id":"USN-2880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1947"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgxa-jsvb-73cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51782?format=json","vulnerability_id":"VCID-wut5-sqr6-mubd","summary":"Multiple vulnerabilities have been found in Firefox, Thunderbird,\n    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n    the worst of which may allow remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0591.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0591.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0684.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0684.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0685.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0685.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1978","reference_id":"","reference_type":"","scores":[{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.8539","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85163","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85344","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85338","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85352","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85193","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85194","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85224","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85239","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85236","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85233","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85253","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85254","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85277","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85286","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85299","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02458","scoring_system":"epss","scoring_elements":"0.85326","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1978"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa124","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa124"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1209546","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1209546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes","reference_id":"","reference_type":"","scores":[],"url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"},{"reference_url":"http://www.debian.org/security/2016/dsa-3688","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3688"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-15.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-15.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/84275","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84275"},{"reference_url":"http://www.securityfocus.com/bid/91787","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91787"},{"reference_url":"http://www.securitytracker.com/id/1035258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035258"},{"reference_url":"http://www.ubuntu.com/usn/USN-2973-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2973-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315565","reference_id":"1315565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315565"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978","reference_id":"CVE-2016-1978","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1978","reference_id":"CVE-2016-1978","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1978"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-15","reference_id":"mfsa2016-15","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0591","reference_id":"RHSA-2016:0591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0684","reference_id":"RHSA-2016:0684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0685","reference_id":"RHSA-2016:0685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0685"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86478?format=json","purl":"pkg:mozilla/Firefox@44.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}],"aliases":["CVE-2016-1978"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wut5-sqr6-mubd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@44.0.0"}