[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-1938":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":48,"related":49,"reserved_at":9,"published_at":55,"modified_at":56,"state":57,"summary":58,"references_raw":67,"kevs":173,"epss":174,"epss_history":177,"metrics":437,"affected":447},"CVE-2016-1938","The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-310","Cryptographic Issues","Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.","category","Draft",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46],{"_key":23},"OPENSUSE-SU-2024:10071-1",{"_key":25},"SUSE-SU-2016:0334-1",{"_key":27},"SUSE-SU-2016:0338-1",{"_key":29},"SUSE-SU-2016:0584-1",{"_key":31},"OPENSUSE-SU-2024:14572-1",{"_key":33},"DLA-427-1",{"_key":35},"DLA-480-1",{"_key":37},"DSA-3688-1",{"_key":39},"UBUNTU-CVE-2016-1938",{"_key":41},"USN-2880-1",{"_key":43},"USN-2903-1",{"_key":45},"USN-2973-1",{"_key":47},"DEBIAN-CVE-2016-1938",[],[50,51,52,53,54],{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},"2016-01-31T18:00:00.000Z","2024-08-05T23:10:40.307Z","Modified",{"cisa_kev":59,"cisa_ransomware":59,"cisa_vendor":9,"epss_severity":60,"epss_score":61,"severity":62,"severity_score":63,"severity_version":64,"severity_source":65,"severity_vector":66,"severity_status":57},false,"low",0.01048,"medium",6.5,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",[68,75,81,86,91,97,102,106,110,114,119,123,128,132,136,140,145,149,153,157,161,165,169],{"url":69,"sources":70,"tags":72},"http://www.securityfocus.com/bid/81955",[71,65],"cve.org",[73,74],"VDB Entry","X Refsource BID",{"url":76,"sources":77,"tags":78},"http://www.debian.org/security/2016/dsa-3688",[71,65],[79,80],"Vendor Advisory","X Refsource DEBIAN",{"url":82,"sources":83,"tags":84},"http://www.securitytracker.com/id/1034825",[71,65],[73,85],"X Refsource SECTRACK",{"url":87,"sources":88,"tags":89},"https://security.gentoo.org/glsa/201701-46",[71,65],[79,90],"X Refsource GENTOO",{"url":92,"sources":93,"tags":94},"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",[71,65],[95,96],"X Refsource CONFIRM","Third Party Advisory",{"url":98,"sources":99,"tags":100},"http://www.ubuntu.com/usn/USN-2903-2",[71,65],[79,101],"X Refsource UBUNTU",{"url":103,"sources":104,"tags":105},"http://www.ubuntu.com/usn/USN-2880-1",[71,65],[79,101],{"url":107,"sources":108,"tags":109},"http://www.ubuntu.com/usn/USN-2903-1",[71,65],[79,101],{"url":111,"sources":112,"tags":113},"http://www.ubuntu.com/usn/USN-2880-2",[71,65],[79,101],{"url":115,"sources":116,"tags":117},"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c",[71,65],[118],"X Refsource MISC",{"url":120,"sources":121,"tags":122},"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes",[71,65],[118,79],{"url":124,"sources":125,"tags":126},"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html",[71,65],[79,127],"X Refsource SUSE",{"url":129,"sources":130,"tags":131},"http://www.mozilla.org/security/announce/2016/mfsa2016-07.html",[71,65],[95,79],{"url":133,"sources":134,"tags":135},"https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html",[71,65],[118],{"url":137,"sources":138,"tags":139},"http://www.ubuntu.com/usn/USN-2973-1",[71,65],[79,101],{"url":141,"sources":142,"tags":143},"https://bugzilla.mozilla.org/show_bug.cgi?id=1194947",[71,65],[95,144],"Issue Tracking",{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html",[71,65],[79,127,96],{"url":150,"sources":151,"tags":152},"http://www.securityfocus.com/bid/91787",[71,65],[73,74,96],{"url":154,"sources":155,"tags":156},"https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c",[71,65],[118],{"url":158,"sources":159,"tags":160},"https://security.gentoo.org/glsa/201605-06",[71,65],[79,90],{"url":162,"sources":163,"tags":164},"https://bugzilla.mozilla.org/show_bug.cgi?id=1190248",[71,65],[95,144],{"url":166,"sources":167,"tags":168},"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html",[71,65],[79,127,96],{"url":170,"sources":171,"tags":172},"https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c",[71,65],[95],[],{"date":175,"score":61,"percentile":176},"2026-06-04",0.77854,[178,181,183,186,189,192,194,197,200,202,205,208,211,214,217,220,223,226,229,232,235,237,240,243,245,248,250,253,256,259,261,263,265,268,272,275,278,281,284,287,289,292,295,298,301,304,307,310,312,315,318,321,324,327,330,332,335,338,341,344,346,349,352,355,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434],{"date":179,"score":61,"percentile":180},"2025-11-04",0.76818,{"date":182,"score":61,"percentile":180},"2025-11-05",{"date":184,"score":61,"percentile":185},"2025-11-06",0.76815,{"date":187,"score":61,"percentile":188},"2025-11-07",0.76828,{"date":190,"score":61,"percentile":191},"2025-11-08",0.76832,{"date":193,"score":61,"percentile":188},"2025-11-09",{"date":195,"score":61,"percentile":196},"2025-11-10",0.76812,{"date":198,"score":61,"percentile":199},"2025-11-11",0.76814,{"date":201,"score":61,"percentile":191},"2025-11-12",{"date":203,"score":61,"percentile":204},"2025-11-13",0.7684,{"date":206,"score":61,"percentile":207},"2025-11-14",0.76848,{"date":209,"score":61,"percentile":210},"2025-11-15",0.76843,{"date":212,"score":61,"percentile":213},"2025-11-16",0.76842,{"date":215,"score":61,"percentile":216},"2025-11-17",0.76833,{"date":218,"score":61,"percentile":219},"2025-11-18",0.75625,{"date":221,"score":61,"percentile":222},"2025-11-19",0.75632,{"date":224,"score":61,"percentile":225},"2025-11-20",0.75642,{"date":227,"score":61,"percentile":228},"2025-11-21",0.76862,{"date":230,"score":61,"percentile":231},"2025-11-22",0.76861,{"date":233,"score":61,"percentile":234},"2025-11-23",0.76847,{"date":236,"score":61,"percentile":207},"2025-11-24",{"date":238,"score":61,"percentile":239},"2025-11-25",0.76854,{"date":241,"score":61,"percentile":242},"2025-11-26",0.7686,{"date":244,"score":61,"percentile":228},"2025-11-27",{"date":246,"score":61,"percentile":247},"2025-11-28",0.76851,{"date":249,"score":61,"percentile":242},"2025-11-29",{"date":251,"score":61,"percentile":252},"2025-11-30",0.76857,{"date":254,"score":61,"percentile":255},"2025-12-01",0.76972,{"date":257,"score":61,"percentile":258},"2025-12-02",0.76983,{"date":260,"score":61,"percentile":255},"2025-12-03",{"date":262,"score":61,"percentile":239},"2025-12-04",{"date":264,"score":61,"percentile":228},"2025-12-05",{"date":266,"score":61,"percentile":267},"2025-12-06",0.76865,{"date":269,"score":270,"percentile":271},"2025-12-07",0.01062,0.76992,{"date":273,"score":270,"percentile":274},"2025-12-08",0.76998,{"date":276,"score":270,"percentile":277},"2025-12-09",0.77023,{"date":279,"score":270,"percentile":280},"2025-12-10",0.77051,{"date":282,"score":270,"percentile":283},"2025-12-11",0.77067,{"date":285,"score":270,"percentile":286},"2025-12-12",0.77086,{"date":288,"score":270,"percentile":286},"2025-12-13",{"date":290,"score":270,"percentile":291},"2025-12-14",0.77085,{"date":293,"score":270,"percentile":294},"2025-12-15",0.7708,{"date":296,"score":270,"percentile":297},"2025-12-16",0.77091,{"date":299,"score":270,"percentile":300},"2025-12-17",0.77103,{"date":302,"score":270,"percentile":303},"2025-12-18",0.77118,{"date":305,"score":270,"percentile":306},"2025-12-19",0.7713,{"date":308,"score":270,"percentile":309},"2025-12-20",0.77124,{"date":311,"score":270,"percentile":303},"2025-12-21",{"date":313,"score":270,"percentile":314},"2025-12-22",0.77113,{"date":316,"score":270,"percentile":317},"2025-12-23",0.77115,{"date":319,"score":270,"percentile":320},"2025-12-24",0.77127,{"date":322,"score":270,"percentile":323},"2025-12-25",0.77145,{"date":325,"score":270,"percentile":326},"2025-12-26",0.77144,{"date":328,"score":270,"percentile":329},"2025-12-27",0.77196,{"date":331,"score":270,"percentile":306},"2025-12-28",{"date":333,"score":270,"percentile":334},"2025-12-29",0.77126,{"date":336,"score":270,"percentile":337},"2025-12-30",0.77134,{"date":339,"score":270,"percentile":340},"2025-12-31",0.77155,{"date":342,"score":270,"percentile":343},"2026-01-01",0.77282,{"date":345,"score":270,"percentile":343},"2026-01-02",{"date":347,"score":270,"percentile":348},"2026-01-03",0.77281,{"date":350,"score":270,"percentile":351},"2026-01-04",0.77161,{"date":353,"score":270,"percentile":354},"2026-01-05",0.77152,{"date":356,"score":357,"percentile":358},"2026-01-06",0.0059,0.68521,{"date":360,"score":357,"percentile":361},"2026-01-07",0.68538,{"date":363,"score":357,"percentile":364},"2026-01-08",0.68554,{"date":366,"score":357,"percentile":367},"2026-01-09",0.68563,{"date":369,"score":357,"percentile":370},"2026-01-10",0.68562,{"date":372,"score":357,"percentile":373},"2026-01-11",0.68555,{"date":375,"score":357,"percentile":376},"2026-01-12",0.68544,{"date":378,"score":357,"percentile":379},"2026-01-13",0.68543,{"date":381,"score":357,"percentile":382},"2026-01-14",0.68577,{"date":384,"score":357,"percentile":385},"2026-01-15",0.68582,{"date":387,"score":357,"percentile":388},"2026-01-16",0.68596,{"date":390,"score":357,"percentile":391},"2026-01-17",0.68587,{"date":393,"score":357,"percentile":394},"2026-01-18",0.68575,{"date":396,"score":357,"percentile":397},"2026-01-19",0.68566,{"date":399,"score":357,"percentile":400},"2026-01-20",0.68578,{"date":402,"score":357,"percentile":403},"2026-01-21",0.68585,{"date":405,"score":357,"percentile":406},"2026-01-22",0.68595,{"date":408,"score":357,"percentile":409},"2026-01-23",0.68623,{"date":411,"score":357,"percentile":412},"2026-01-24",0.68635,{"date":414,"score":357,"percentile":415},"2026-01-25",0.68605,{"date":417,"score":357,"percentile":418},"2026-01-26",0.68597,{"date":420,"score":357,"percentile":421},"2026-01-27",0.686,{"date":423,"score":357,"percentile":424},"2026-01-28",0.68612,{"date":426,"score":357,"percentile":427},"2026-01-29",0.68613,{"date":429,"score":357,"percentile":430},"2026-01-30",0.68619,{"date":432,"score":357,"percentile":433},"2026-01-31",0.68625,{"date":435,"score":357,"percentile":436},"2026-02-01",0.68774,[438],{"source":65,"cvss_v2_0":439,"cvss_v3_0":444,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":440,"baseSeverity":9,"vectorString":441,"impactScore":442,"exploitabilityScore":443},6.4,"AV:N/AC:L/Au:N/C:P/I:P/A:N",4.9,10,{"baseScore":63,"baseSeverity":445,"vectorString":66,"impactScore":446,"exploitabilityScore":443},"MEDIUM",4.2,[448,460,466,473],{"ecosystem":9,"name":449,"vendor":450,"product":451,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":453},"Firefox","mozilla","firefox","a",[454],{"version":455,"is_range":456,"range_type":457,"version_start":9,"version_start_type":9,"version_end":458,"version_end_type":459,"fixed_in":9},"lte43.0.4",true,"cpe","43.0.4","including",{"ecosystem":9,"name":461,"vendor":450,"product":461,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"nss",[463],{"version":464,"is_range":456,"range_type":457,"version_start":9,"version_start_type":9,"version_end":465,"version_end_type":459,"fixed_in":9},"lte3.20.1","3.20.1",{"ecosystem":9,"name":467,"vendor":468,"product":467,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":470},"leap","opensuse","o",[471],{"version":472,"is_range":59,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.1",{"ecosystem":9,"name":468,"vendor":468,"product":468,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},[475,477],{"version":476,"is_range":59,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":478,"is_range":59,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2"]