{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","type":"mozilla","namespace":"","name":"Firefox ESR","version":"45.2.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"45.3.0","latest_non_vulnerable_version":"140.10.2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63486?format=json","vulnerability_id":"VCID-4gwx-75uj-tyep","summary":"Mozilla community member jomo reported a use-after-free crash when\nprocessing WebGL content. This issue was caused by the use of a texture after its recycle\npool has been destroyed during WebGL operations, which frees the memory associated with\nthe texture. This results in a potentially exploitable crash when the texture is later\ncalled.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2828.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2828","reference_id":"","reference_type":"","scores":[{"value":"0.02019","scoring_system":"epss","scoring_elements":"0.83947","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02019","scoring_system":"epss","scoring_elements":"0.83937","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.83971","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84145","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.8416","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84159","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84177","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.83986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84027","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84033","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.8405","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84039","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84064","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84066","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84091","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84122","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2828"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223810","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1223810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-56.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-56.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342895","reference_id":"1342895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342895"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2828","reference_id":"CVE-2016-2828","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2828"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2828","reference_id":"CVE-2016-2828","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2828"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-56","reference_id":"mfsa2016-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2828"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gwx-75uj-tyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63498?format=json","vulnerability_id":"VCID-bd3j-r1wt-dyf4","summary":"Security researcher sushi Anton Larsson reported that when paired\nfullscreen and pointerlock requests are done in combination with closing windows, a\npointerlock can be created within a fullscreen window without user permission. This\npointerlock cannot then be cancelled without terminating the browser, resulting in a\npersistent denial of service attack. This can also be used for spoofing and clickjacking\nattacks against the browser UI.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2831.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2831.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2831","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71143","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71133","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.7123","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71396","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71431","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71394","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71422","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71256","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71286","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71309","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71324","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.7133","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71363","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.7137","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71374","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71359","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2831"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261933","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-58.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-58.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342898","reference_id":"1342898","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342898"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2831","reference_id":"CVE-2016-2831","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2831"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2831","reference_id":"CVE-2016-2831","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2831"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-58","reference_id":"mfsa2016-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-58"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2831"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bd3j-r1wt-dyf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63481?format=json","vulnerability_id":"VCID-bp6q-cu6s-2ke7","summary":"Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2818","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52282","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52273","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60631","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60504","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60656","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60713","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60672","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.607","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60578","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60652","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60673","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60679","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60665","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60663","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2818"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234147","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1234147"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256493","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256739","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256739"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256968","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1256968"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261230","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261230"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261752","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1261752"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1263384","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1263384"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264575","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1264575"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1265577","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1265577"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1267130","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1267130"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1269729","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1269729"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273202","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273202"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273701","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.debian.org/security/2016/dsa-3647","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3647"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-49.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-49.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3023-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3023-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342887","reference_id":"1342887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342887"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818","reference_id":"CVE-2016-2818","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2818","reference_id":"CVE-2016-2818","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2818"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49","reference_id":"mfsa2016-49","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1392","reference_id":"RHSA-2016:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1392"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"},{"reference_url":"https://usn.ubuntu.com/3023-1/","reference_id":"USN-3023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2818"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bp6q-cu6s-2ke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63492?format=json","vulnerability_id":"VCID-ev18-anej-zbap","summary":"Security researcher Jordi Chancel reported a method to spoof the\ncontents of the addressbar. This uses a persistent menu within a\n<select> element, which acts as a container for HTML content and can be\nplaced in an arbitrary location.  When placed over the addressbar, this can mask the true\nsite URL, allowing for spoofing by a malicious site.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2822.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2822.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2822","reference_id":"","reference_type":"","scores":[{"value":"0.00671","scoring_system":"epss","scoring_elements":"0.71568","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00671","scoring_system":"epss","scoring_elements":"0.71559","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.7197","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72035","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72065","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72029","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72056","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71899","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71918","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.7189","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71928","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71946","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.7196","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72005","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72012","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.7201","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72002","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2822"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273129","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1273129"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-52.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-52.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342893","reference_id":"1342893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342893"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2822","reference_id":"CVE-2016-2822","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2822"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2822","reference_id":"CVE-2016-2822","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2822"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-52","reference_id":"mfsa2016-52","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2822"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ev18-anej-zbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63496?format=json","vulnerability_id":"VCID-k813-qahc-ubf4","summary":"Security researcher Aral reported an out-of-bounds write when using\nthe ANGLE graphics library, which is used for WebGL content on Windows systems. This crash\noccurs due to improper size checking while writing to an array during some WebGL shader\noperations.\nThe ANGLE graphics library is only used on Windows. Linux, OS X, and\nAndroid operating systems are not affected by this vulnerability.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2824","reference_id":"","reference_type":"","scores":[{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72017","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71874","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72037","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.7201","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72047","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71881","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71872","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71911","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71922","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71945","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71928","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71953","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71957","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71987","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71994","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71991","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.71983","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76211","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76198","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248580","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1248580"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-53.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-53.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824","reference_id":"CVE-2016-2824","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2824","reference_id":"CVE-2016-2824","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2824"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-53","reference_id":"mfsa2016-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-53"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2824"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k813-qahc-ubf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63477?format=json","vulnerability_id":"VCID-kvkh-dxw4-rfde","summary":"Security researcher firehack reported a buffer overflow when parsing\nHTML5 fragments in a foreign context such as under an <svg> node. This\nresults in a potentially exploitable crash when inserting an HTML fragment into an\nexisting document.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2819.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2819.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2819","reference_id":"","reference_type":"","scores":[{"value":"0.64664","scoring_system":"epss","scoring_elements":"0.98482","published_at":"2026-05-15T12:55:00Z"},{"value":"0.64664","scoring_system":"epss","scoring_elements":"0.98481","published_at":"2026-05-14T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98462","published_at":"2026-04-01T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98485","published_at":"2026-04-29T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98491","published_at":"2026-05-11T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98494","published_at":"2026-05-09T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98493","published_at":"2026-05-12T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98464","published_at":"2026-04-02T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98468","published_at":"2026-04-07T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98472","published_at":"2026-04-08T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98475","published_at":"2026-04-13T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98481","published_at":"2026-04-16T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98482","published_at":"2026-04-21T12:55:00Z"},{"value":"0.65031","scoring_system":"epss","scoring_elements":"0.98486","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2819"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1270381","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1270381"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.exploit-db.com/exploits/44293/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44293/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-50.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-50.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342891","reference_id":"1342891","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342891"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2819","reference_id":"CVE-2016-2819","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2819"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2819","reference_id":"CVE-2016-2819","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2819"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44293.html","reference_id":"CVE-2017-5375;CVE-2016-2819","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44293.html"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-50","reference_id":"mfsa2016-50","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2819"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvkh-dxw4-rfde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63475?format=json","vulnerability_id":"VCID-qu9b-rst3-v7fa","summary":"Security researcher Frédéric Hoguin reported a mechanism where the\nMozilla Windows updater could be used to overwrite arbitrary files. He found that files\nextracted by the updater from a MAR archive are not locked for writing and\ncan be overwritten by other processes while the updater is running. A malicious local\nprogram could invoke the updater and then interfere with the extracted files, replacing\nthem with its own. This vulnerability could be used for privilege escalation if these\noverwritten files were later invoked by other Windows components that had higher\nprivileges. \nThis issue does not affect non-Windows operating systems.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2826","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16618","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16589","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16445","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1655","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16515","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16548","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16826","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16612","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16751","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16731","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16688","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16631","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16568","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16576","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16615","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16512","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.165","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16457","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16326","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2826"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1237219","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1237219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-55.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-55.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826","reference_id":"CVE-2016-2826","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2826","reference_id":"CVE-2016-2826","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2826"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-55","reference_id":"mfsa2016-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-55"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2826"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu9b-rst3-v7fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63473?format=json","vulnerability_id":"VCID-sr99-hhmv-xkhq","summary":"Security researcher firehack used the Address Sanitizer\ntool to discover a use-after-free in contenteditable mode. This occurs when deleting\ndocument object model (DOM) table elements created within the editor and results in a\npotentially exploitable crash.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2821.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2821","reference_id":"","reference_type":"","scores":[{"value":"0.02755","scoring_system":"epss","scoring_elements":"0.86168","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02755","scoring_system":"epss","scoring_elements":"0.86157","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86179","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86327","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86347","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86343","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86356","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86203","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86222","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86248","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86241","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86263","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86257","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86276","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86286","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86305","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2821"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1271460","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1271460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3600","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3600"},{"reference_url":"http://www.mozilla.org/security/announce/2016/mfsa2016-51.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mozilla.org/security/announce/2016/mfsa2016-51.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/91075","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91075"},{"reference_url":"http://www.securitytracker.com/id/1036057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036057"},{"reference_url":"http://www.ubuntu.com/usn/USN-2993-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2993-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342892","reference_id":"1342892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342892"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2821","reference_id":"CVE-2016-2821","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2821"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2821","reference_id":"CVE-2016-2821","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2821"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-51","reference_id":"mfsa2016-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-51"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1217","reference_id":"RHSA-2016:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1217"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86486?format=json","purl":"pkg:mozilla/Firefox%20ESR@45.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}],"aliases":["CVE-2016-2821"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sr99-hhmv-xkhq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.2.0"}