Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:mozilla/Firefox%20ESR@38.8.0

Type mozilla

Namespace

Name Firefox ESR

Version 38.8.0

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 45.1.0

Latest_non_vulnerable_version 140.9.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6xgq-h4jf-sya9

vulnerability_id VCID-6xgq-h4jf-sya9

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0695.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0695.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2808.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2808

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.71581
published_at	2026-04-13T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71544
published_at	2026-04-01T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71582
published_at	2026-04-08T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71593
published_at	2026-04-09T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71616
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.716
published_at	2026-04-12T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71551
published_at	2026-04-02T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71569
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71542
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2808

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246061
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3559
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3559

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-47.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-47.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035692

reference_url	http://www.ubuntu.com/usn/USN-2936-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-1

reference_url	http://www.ubuntu.com/usn/USN-2936-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-2

reference_url	http://www.ubuntu.com/usn/USN-2936-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1330286
reference_id	1330286
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1330286

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2808

reference_id

CVE-2016-2808

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2808

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-47

reference_id

mfsa2016-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0695
reference_id	RHSA-2016:0695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0695

reference_url	https://usn.ubuntu.com/2936-1/
reference_id	USN-2936-1
reference_type
scores
url	https://usn.ubuntu.com/2936-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

url	pkg:mozilla/Firefox%20ESR@45.1.0
purl	pkg:mozilla/Firefox%20ESR@45.1.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.1.0

aliases CVE-2016-2808

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xgq-h4jf-sya9

url VCID-9mux-fuyc-a7dx

vulnerability_id VCID-9mux-fuyc-a7dx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_id

reference_type

scores

value	0.01048
scoring_system	epss
scoring_elements	0.77513
published_at	2026-04-13T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77455
published_at	2026-04-01T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77506
published_at	2026-04-09T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77532
published_at	2026-04-11T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77516
published_at	2026-04-12T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77461
published_at	2026-04-02T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77486
published_at	2026-04-04T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77467
published_at	2026-04-07T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77497
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c

reference_url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
reference_id
reference_type
scores
url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.securityfocus.com/bid/81955
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81955

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	http://www.ubuntu.com/usn/USN-2903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-1

reference_url	http://www.ubuntu.com/usn/USN-2903-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-2

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159
reference_id	1305159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::
reference_id	cpe:2.3:a:mozilla:nss::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
reference_id	CVE-2016-1938
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_id

CVE-2016-1938

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_id

mfsa2016-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

reference_url	https://usn.ubuntu.com/2903-1/
reference_id	USN-2903-1
reference_type
scores
url	https://usn.ubuntu.com/2903-1/

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

aliases CVE-2016-1938

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mux-fuyc-a7dx

url VCID-dk4z-1j37-aucx

vulnerability_id VCID-dk4z-1j37-aucx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_id

reference_type

scores

value	0.00707
scoring_system	epss
scoring_elements	0.72159
published_at	2026-04-13T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72113
published_at	2026-04-01T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72165
published_at	2026-04-09T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72188
published_at	2026-04-11T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72172
published_at	2026-04-12T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72119
published_at	2026-04-02T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-04T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72117
published_at	2026-04-07T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72153
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84221
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84221

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202
reference_id	1315202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
reference_id	CVE-2016-1979
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_id

CVE-2016-1979

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_id

mfsa2016-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

aliases CVE-2016-1979

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx

url VCID-pdgz-dsbq-67hq

vulnerability_id VCID-pdgz-dsbq-67hq

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1967.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1967.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1967

reference_id

reference_type

scores

value	0.00402
scoring_system	epss
scoring_elements	0.60815
published_at	2026-04-13T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60695
published_at	2026-04-01T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60826
published_at	2026-04-09T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60846
published_at	2026-04-11T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60833
published_at	2026-04-12T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60768
published_at	2026-04-02T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60797
published_at	2026-04-04T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60761
published_at	2026-04-07T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.6081
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1967

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246956
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246956

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-29.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-29.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315776
reference_id	1315776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315776

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967
reference_id	CVE-2016-1967
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1967

reference_id

CVE-2016-1967

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1967

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-29

reference_id

mfsa2016-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-29

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

aliases CVE-2016-1967

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdgz-dsbq-67hq

url VCID-va3j-erp3-3ugy

vulnerability_id VCID-va3j-erp3-3ugy

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0695.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0695.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1041.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1041.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2807

reference_id

reference_type

scores

value	0.01777
scoring_system	epss
scoring_elements	0.82682
published_at	2026-04-13T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82616
published_at	2026-04-01T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82668
published_at	2026-04-08T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82674
published_at	2026-04-09T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82692
published_at	2026-04-11T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82686
published_at	2026-04-12T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82631
published_at	2026-04-02T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82646
published_at	2026-04-04T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82642
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2807

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1187420
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1187420

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1252707
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1252707

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254164
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254164

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254622
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254622

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3559
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3559

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-39.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-39.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035692

reference_url	http://www.ubuntu.com/usn/USN-2936-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-1

reference_url	http://www.ubuntu.com/usn/USN-2936-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-2

reference_url	http://www.ubuntu.com/usn/USN-2936-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-3

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1330271
reference_id	1330271
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1330271

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2807

reference_id

CVE-2016-2807

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2807

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-39

reference_id

mfsa2016-39

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-39

reference_url	https://access.redhat.com/errata/RHSA-2016:0695
reference_id	RHSA-2016:0695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0695

reference_url	https://access.redhat.com/errata/RHSA-2016:1041
reference_id	RHSA-2016:1041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1041

reference_url	https://usn.ubuntu.com/2936-1/
reference_id	USN-2936-1
reference_type
scores
url	https://usn.ubuntu.com/2936-1/

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

url	pkg:mozilla/Firefox%20ESR@45.1.0
purl	pkg:mozilla/Firefox%20ESR@45.1.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.1.0

aliases CVE-2016-2807

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy

url VCID-vnh1-1r8e-efcd

vulnerability_id VCID-vnh1-1r8e-efcd

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0695.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0695.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2814.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2814

reference_id

reference_type

scores

value	0.02136
scoring_system	epss
scoring_elements	0.84196
published_at	2026-04-13T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84126
published_at	2026-04-01T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84181
published_at	2026-04-08T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84187
published_at	2026-04-09T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84205
published_at	2026-04-11T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.842
published_at	2026-04-12T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84139
published_at	2026-04-02T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84157
published_at	2026-04-04T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84159
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2814

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254721
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3559
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3559

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-44.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-44.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035692

reference_url	http://www.ubuntu.com/usn/USN-2936-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-1

reference_url	http://www.ubuntu.com/usn/USN-2936-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-2

reference_url	http://www.ubuntu.com/usn/USN-2936-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1330280
reference_id	1330280
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1330280

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2814

reference_id

CVE-2016-2814

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2814

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-44

reference_id

mfsa2016-44

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-44

reference_url	https://access.redhat.com/errata/RHSA-2016:0695
reference_id	RHSA-2016:0695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0695

reference_url	https://usn.ubuntu.com/2936-1/
reference_id	USN-2936-1
reference_type
scores
url	https://usn.ubuntu.com/2936-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

url	pkg:mozilla/Firefox%20ESR@45.1.0
purl	pkg:mozilla/Firefox%20ESR@45.1.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.1.0

aliases CVE-2016-2814

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnh1-1r8e-efcd

url VCID-wut5-sqr6-mubd

vulnerability_id VCID-wut5-sqr6-mubd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_id

reference_type

scores

value	0.02458
scoring_system	epss
scoring_elements	0.85233
published_at	2026-04-13T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85163
published_at	2026-04-01T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85224
published_at	2026-04-09T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85239
published_at	2026-04-11T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85236
published_at	2026-04-12T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85175
published_at	2026-04-02T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85193
published_at	2026-04-04T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85194
published_at	2026-04-07T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85216
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84275
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84275

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1035258
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035258

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565
reference_id	1315565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
reference_id	CVE-2016-1978
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_id

CVE-2016-1978

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_id

mfsa2016-15

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Firefox%20ESR@38.8.0
purl	pkg:mozilla/Firefox%20ESR@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

aliases CVE-2016-1978

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wut5-sqr6-mubd

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@38.8.0

Package Instance