Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-avw6-7aqv-hbaa
Vulnerability ID VCID-avw6-7aqv-hbaa
Aliases CVE-2016-9079
Summary Multiple vulnerabilities have been found in Mozilla SeaMonkey, the worst of which could lead to the remote execution of arbitrary code.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3.1 7.5 http://rhn.redhat.com/errata/RHSA-2016-2843.html
ssvc Attend http://rhn.redhat.com/errata/RHSA-2016-2843.html
cvssv3.1 7.5 http://rhn.redhat.com/errata/RHSA-2016-2850.html
ssvc Attend http://rhn.redhat.com/errata/RHSA-2016-2850.html
cvssv3 7.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
epss 0.84813 https://api.first.org/data/v1/epss?cve=CVE-2016-9079
cvssv3.1 7.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
ssvc Attend https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
cvssv2 6.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2016-9079
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2016-9079
archlinux Critical https://security.archlinux.org/AVG-90
archlinux Critical https://security.archlinux.org/AVG-91
cvssv3.1 7.5 https://security.gentoo.org/glsa/201701-15
ssvc Attend https://security.gentoo.org/glsa/201701-15
cvssv3.1 7.5 https://security.gentoo.org/glsa/201701-35
ssvc Attend https://security.gentoo.org/glsa/201701-35
cvssv3.1 7.5 https://www.debian.org/security/2016/dsa-3730
ssvc Attend https://www.debian.org/security/2016/dsa-3730
cvssv3.1 7.5 https://www.exploit-db.com/exploits/41151/
ssvc Attend https://www.exploit-db.com/exploits/41151/
cvssv3.1 7.5 https://www.exploit-db.com/exploits/42327/
ssvc Attend https://www.exploit-db.com/exploits/42327/
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2016-92
cvssv3.1 7.5 https://www.mozilla.org/security/advisories/mfsa2016-92/
ssvc Attend https://www.mozilla.org/security/advisories/mfsa2016-92/
cvssv3.1 7.5 http://www.securityfocus.com/bid/94591
ssvc Attend http://www.securityfocus.com/bid/94591
cvssv3.1 7.5 http://www.securitytracker.com/id/1037370
ssvc Attend http://www.securitytracker.com/id/1037370
Reference id Reference type URL
http://rhn.redhat.com/errata/RHSA-2016-2843.html
http://rhn.redhat.com/errata/RHSA-2016-2850.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json
https://api.first.org/data/v1/epss?cve=CVE-2016-9079
https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079
https://www.debian.org/security/2016/dsa-3730
https://www.exploit-db.com/exploits/41151/
https://www.exploit-db.com/exploits/42327/
https://www.mozilla.org/security/advisories/mfsa2016-92/
http://www.securityfocus.com/bid/94591
http://www.securitytracker.com/id/1037370
1400376 https://bugzilla.redhat.com/show_bug.cgi?id=1400376
ASA-201612-1 https://security.archlinux.org/ASA-201612-1
ASA-201612-2 https://security.archlinux.org/ASA-201612-2
AVG-90 https://security.archlinux.org/AVG-90
AVG-91 https://security.archlinux.org/AVG-91
cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVE-2016-9079 Exploit https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb
CVE-2016-9079 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb
CVE-2016-9079 https://nvd.nist.gov/vuln/detail/CVE-2016-9079
CVE-2017-5375;CVE-2016-9079 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html
CVE-2017-5375;CVE-2016-9079 Exploit https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
GLSA-201701-15 https://security.gentoo.org/glsa/201701-15
GLSA-201701-35 https://security.gentoo.org/glsa/201701-35
mfsa2016-92 https://www.mozilla.org/en-US/security/advisories/mfsa2016-92
RHSA-2016:2843 https://access.redhat.com/errata/RHSA-2016:2843
RHSA-2016:2850 https://access.redhat.com/errata/RHSA-2016:2850
USN-3140-1 https://usn.ubuntu.com/3140-1/
USN-3141-1 https://usn.ubuntu.com/3141-1/
Data source KEV
Date added June 22, 2023
Description Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.
Required action Apply updates per vendor instructions.
Due date July 13, 2023
Note 
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/#CVE-2016-9079; https://nvd.nist.gov/vuln/detail/CVE-2016-9079
Ransomware campaign use Unknown
Data source Metasploit
Description This module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date Nov. 30, 2016
Platform Windows
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/firefox_smil_uaf.rb
Data source Exploit-DB
Date added Jan. 24, 2017
Description Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)
Ransomware campaign use Known
Source publication date Jan. 24, 2017
Exploit type remote
Platform windows
Source update date Jan. 25, 2017
Source URL https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2016-2843.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at http://rhn.redhat.com/errata/RHSA-2016-2843.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2016-2850.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at http://rhn.redhat.com/errata/RHSA-2016-2850.html
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-9079
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-9079
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/201701-15
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://security.gentoo.org/glsa/201701-15
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/201701-35
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://security.gentoo.org/glsa/201701-35
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2016/dsa-3730
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://www.debian.org/security/2016/dsa-3730
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.exploit-db.com/exploits/41151/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://www.exploit-db.com/exploits/41151/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.exploit-db.com/exploits/42327/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://www.exploit-db.com/exploits/42327/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.mozilla.org/security/advisories/mfsa2016-92/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at https://www.mozilla.org/security/advisories/mfsa2016-92/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://www.securityfocus.com/bid/94591
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at http://www.securityfocus.com/bid/94591
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://www.securitytracker.com/id/1037370
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/ Found at http://www.securitytracker.com/id/1037370
Exploit Prediction Scoring System (EPSS)
Percentile 0.99335
EPSS Score 0.84813
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:03:43.290017+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201701-35 38.0.0