[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-1954":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":58,"related":59,"reserved_at":9,"published_at":70,"modified_at":71,"state":72,"summary":73,"references_raw":82,"kevs":187,"epss":188,"epss_history":191,"metrics":450,"affected":461},"CVE-2016-1954","The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56],{"_key":23},"RHSA-2016:0373",{"_key":25},"RHSA-2016:0460",{"_key":27},"OPENSUSE-SU-2024:10071-1",{"_key":29},"SUSE-SU-2016:0727-1",{"_key":31},"SUSE-SU-2016:0777-1",{"_key":33},"SUSE-SU-2016:0909-1",{"_key":35},"OPENSUSE-SU-2016:1769-1",{"_key":37},"OPENSUSE-SU-2016:1778-1",{"_key":39},"OPENSUSE-SU-2024:10230-1",{"_key":41},"OPENSUSE-SU-2024:14572-1",{"_key":43},"DSA-3510-1",{"_key":45},"DSA-3520-1",{"_key":47},"MGASA-2016-0105",{"_key":49},"MGASA-2016-0115",{"_key":51},"UBUNTU-CVE-2016-1954",{"_key":53},"USN-2917-1",{"_key":55},"USN-2934-1",{"_key":57},"DEBIAN-CVE-2016-1954",[],[60,61,62,63,64,65,66,67,68,69],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":47},{"_key":49},"2016-03-13T18:00:00.000Z","2024-08-05T23:10:40.334Z","Modified",{"cisa_kev":74,"cisa_ransomware":74,"cisa_vendor":9,"epss_severity":75,"epss_score":76,"severity":77,"severity_score":78,"severity_version":79,"severity_source":80,"severity_vector":81,"severity_status":72},false,"low",0.02706,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[83,91,98,102,106,110,114,118,122,126,130,134,139,144,148,152,156,160,166,170,175,179,183],{"url":84,"sources":85,"tags":87},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html",[86,80],"cve.org",[88,89,90],"Vendor Advisory","X Refsource SUSE","Third Party Advisory",{"url":92,"sources":93,"tags":94},"http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236",[86,80],[95,96,97],"X Refsource CONFIRM","Issue Tracking","Patch",{"url":99,"sources":100,"tags":101},"https://bugzilla.mozilla.org/show_bug.cgi?id=1243178",[86,80],[95,96],{"url":103,"sources":104,"tags":105},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html",[86,80],[88,89],{"url":107,"sources":108,"tags":109},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html",[86,80],[88,89,90],{"url":111,"sources":112,"tags":113},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[86,80],[95,90],{"url":115,"sources":116,"tags":117},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html",[86,80],[88,89],{"url":119,"sources":120,"tags":121},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html",[86,80],[88,89],{"url":123,"sources":124,"tags":125},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html",[86,80],[88,89,90],{"url":127,"sources":128,"tags":129},"http://www.mozilla.org/security/announce/2016/mfsa2016-17.html",[86,80],[95,88],{"url":131,"sources":132,"tags":133},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html",[86,80],[88,89],{"url":135,"sources":136,"tags":137},"http://www.ubuntu.com/usn/USN-2917-1",[86,80],[88,138],"X Refsource UBUNTU",{"url":140,"sources":141,"tags":142},"http://www.debian.org/security/2016/dsa-3520",[86,80],[88,143],"X Refsource DEBIAN",{"url":145,"sources":146,"tags":147},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html",[86,80],[88,89,90],{"url":149,"sources":150,"tags":151},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html",[86,80],[88,89],{"url":153,"sources":154,"tags":155},"http://www.debian.org/security/2016/dsa-3510",[86,80],[88,143],{"url":157,"sources":158,"tags":159},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html",[86,80],[88,89],{"url":161,"sources":162,"tags":163},"http://www.securitytracker.com/id/1035215",[86,80],[164,165],"VDB Entry","X Refsource SECTRACK",{"url":167,"sources":168,"tags":169},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html",[86,80],[88,89],{"url":171,"sources":172,"tags":173},"https://security.gentoo.org/glsa/201605-06",[86,80],[88,174],"X Refsource GENTOO",{"url":176,"sources":177,"tags":178},"http://www.ubuntu.com/usn/USN-2934-1",[86,80],[88,138],{"url":180,"sources":181,"tags":182},"http://www.ubuntu.com/usn/USN-2917-2",[86,80],[88,138],{"url":184,"sources":185,"tags":186},"http://www.ubuntu.com/usn/USN-2917-3",[86,80],[88,138],[],{"date":189,"score":76,"percentile":190},"2026-06-04",0.86175,[192,196,199,202,205,208,210,213,216,219,222,225,227,230,232,235,238,241,244,247,250,252,255,258,260,263,266,269,272,275,278,281,283,285,288,291,294,297,300,303,306,309,312,314,317,320,323,325,328,330,333,336,339,342,345,348,351,354,357,360,363,366,368,371,374,377,380,383,386,389,391,394,397,400,403,406,409,412,415,418,421,424,427,430,433,436,439,442,445,447],{"date":193,"score":194,"percentile":195},"2025-11-04",0.05058,0.89274,{"date":197,"score":194,"percentile":198},"2025-11-05",0.89271,{"date":200,"score":194,"percentile":201},"2025-11-06",0.89265,{"date":203,"score":194,"percentile":204},"2025-11-07",0.89273,{"date":206,"score":194,"percentile":207},"2025-11-08",0.89275,{"date":209,"score":194,"percentile":204},"2025-11-09",{"date":211,"score":194,"percentile":212},"2025-11-10",0.8927,{"date":214,"score":194,"percentile":215},"2025-11-11",0.89272,{"date":217,"score":194,"percentile":218},"2025-11-12",0.8928,{"date":220,"score":194,"percentile":221},"2025-11-13",0.89284,{"date":223,"score":194,"percentile":224},"2025-11-14",0.89287,{"date":226,"score":194,"percentile":221},"2025-11-15",{"date":228,"score":194,"percentile":229},"2025-11-16",0.89286,{"date":231,"score":194,"percentile":221},"2025-11-17",{"date":233,"score":194,"percentile":234},"2025-11-18",0.88722,{"date":236,"score":194,"percentile":237},"2025-11-19",0.88726,{"date":239,"score":194,"percentile":240},"2025-11-20",0.88731,{"date":242,"score":194,"percentile":243},"2025-11-21",0.89299,{"date":245,"score":194,"percentile":246},"2025-11-22",0.893,{"date":248,"score":194,"percentile":249},"2025-11-23",0.89297,{"date":251,"score":194,"percentile":243},"2025-11-24",{"date":253,"score":194,"percentile":254},"2025-11-25",0.89301,{"date":256,"score":194,"percentile":257},"2025-11-26",0.89298,{"date":259,"score":194,"percentile":243},"2025-11-27",{"date":261,"score":194,"percentile":262},"2025-11-28",0.89292,{"date":264,"score":194,"percentile":265},"2025-11-29",0.89361,{"date":267,"score":194,"percentile":268},"2025-11-30",0.8936,{"date":270,"score":194,"percentile":271},"2025-12-01",0.89422,{"date":273,"score":194,"percentile":274},"2025-12-02",0.89424,{"date":276,"score":194,"percentile":277},"2025-12-03",0.89421,{"date":279,"score":194,"percentile":280},"2025-12-04",0.89359,{"date":282,"score":194,"percentile":265},"2025-12-05",{"date":284,"score":194,"percentile":265},"2025-12-06",{"date":286,"score":194,"percentile":287},"2025-12-07",0.89357,{"date":289,"score":194,"percentile":290},"2025-12-08",0.89358,{"date":292,"score":194,"percentile":293},"2025-12-09",0.89364,{"date":295,"score":194,"percentile":296},"2025-12-10",0.89379,{"date":298,"score":194,"percentile":299},"2025-12-11",0.89383,{"date":301,"score":194,"percentile":302},"2025-12-12",0.89387,{"date":304,"score":194,"percentile":305},"2025-12-13",0.8939,{"date":307,"score":194,"percentile":308},"2025-12-14",0.89393,{"date":310,"score":194,"percentile":311},"2025-12-15",0.89394,{"date":313,"score":194,"percentile":311},"2025-12-16",{"date":315,"score":194,"percentile":316},"2025-12-17",0.89399,{"date":318,"score":194,"percentile":319},"2025-12-18",0.89407,{"date":321,"score":194,"percentile":322},"2025-12-19",0.89408,{"date":324,"score":194,"percentile":319},"2025-12-20",{"date":326,"score":194,"percentile":327},"2025-12-21",0.89415,{"date":329,"score":194,"percentile":327},"2025-12-22",{"date":331,"score":194,"percentile":332},"2025-12-23",0.89417,{"date":334,"score":194,"percentile":335},"2025-12-24",0.89423,{"date":337,"score":194,"percentile":338},"2025-12-25",0.89436,{"date":340,"score":194,"percentile":341},"2025-12-26",0.89435,{"date":343,"score":194,"percentile":344},"2025-12-27",0.89478,{"date":346,"score":194,"percentile":347},"2025-12-28",0.89429,{"date":349,"score":194,"percentile":350},"2025-12-29",0.89426,{"date":352,"score":194,"percentile":353},"2025-12-30",0.89433,{"date":355,"score":194,"percentile":356},"2025-12-31",0.89441,{"date":358,"score":194,"percentile":359},"2026-01-01",0.89509,{"date":361,"score":194,"percentile":362},"2026-01-02",0.89502,{"date":364,"score":194,"percentile":365},"2026-01-03",0.89501,{"date":367,"score":194,"percentile":356},"2026-01-04",{"date":369,"score":194,"percentile":370},"2026-01-05",0.89438,{"date":372,"score":194,"percentile":373},"2026-01-06",0.89442,{"date":375,"score":194,"percentile":376},"2026-01-07",0.89445,{"date":378,"score":194,"percentile":379},"2026-01-08",0.8945,{"date":381,"score":194,"percentile":382},"2026-01-09",0.89452,{"date":384,"score":194,"percentile":385},"2026-01-10",0.89454,{"date":387,"score":194,"percentile":388},"2026-01-11",0.89446,{"date":390,"score":194,"percentile":388},"2026-01-12",{"date":392,"score":194,"percentile":393},"2026-01-13",0.89443,{"date":395,"score":194,"percentile":396},"2026-01-14",0.89458,{"date":398,"score":194,"percentile":399},"2026-01-15",0.89459,{"date":401,"score":194,"percentile":402},"2026-01-16",0.89465,{"date":404,"score":194,"percentile":405},"2026-01-17",0.89466,{"date":407,"score":194,"percentile":408},"2026-01-18",0.89464,{"date":410,"score":76,"percentile":411},"2026-01-19",0.85472,{"date":413,"score":76,"percentile":414},"2026-01-20",0.85474,{"date":416,"score":76,"percentile":417},"2026-01-21",0.85481,{"date":419,"score":76,"percentile":420},"2026-01-22",0.85484,{"date":422,"score":76,"percentile":423},"2026-01-23",0.85499,{"date":425,"score":76,"percentile":426},"2026-01-24",0.85508,{"date":428,"score":76,"percentile":429},"2026-01-25",0.85505,{"date":431,"score":76,"percentile":432},"2026-01-26",0.85504,{"date":434,"score":76,"percentile":435},"2026-01-27",0.85509,{"date":437,"score":76,"percentile":438},"2026-01-28",0.85514,{"date":440,"score":76,"percentile":441},"2026-01-29",0.85517,{"date":443,"score":76,"percentile":444},"2026-01-30",0.85518,{"date":446,"score":76,"percentile":444},"2026-01-31",{"date":448,"score":76,"percentile":449},"2026-02-01",0.85581,[451],{"source":80,"cvss_v2_0":452,"cvss_v3_0":457,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":453,"baseSeverity":9,"vectorString":454,"impactScore":455,"exploitabilityScore":456},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":78,"baseSeverity":458,"vectorString":81,"impactScore":459,"exploitabilityScore":460},"HIGH",9.8,7.2,[462,499,505,512,519,525],{"ecosystem":9,"name":463,"vendor":464,"product":463,"cpe_part":465,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":466},"firefox","mozilla","a",[467,473,475,477,479,481,483,485,487,489,491,493,495,497],{"version":468,"is_range":469,"range_type":470,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":472,"fixed_in":9},"lte44.0.2",true,"cpe","44.0.2","including",{"version":474,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0",{"version":476,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.1",{"version":478,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.5",{"version":480,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.0",{"version":482,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.1",{"version":484,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.0",{"version":486,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.1",{"version":488,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.3.0",{"version":490,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.4.0",{"version":492,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.0",{"version":494,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.1",{"version":496,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.0",{"version":498,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.1",{"ecosystem":9,"name":500,"vendor":464,"product":501,"cpe_part":465,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":502},"Thunderbird","thunderbird",[503],{"version":504,"is_range":469,"range_type":470,"version_start":9,"version_start_type":9,"version_end":496,"version_end_type":472,"fixed_in":9},"lte38.6.0",{"ecosystem":9,"name":506,"vendor":507,"product":508,"cpe_part":465,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"suse package hub for suse linux enterprise","novell","suse_package_hub_for_suse_linux_enterprise",[510],{"version":511,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12",{"ecosystem":9,"name":513,"vendor":514,"product":513,"cpe_part":515,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":516},"leap","opensuse","o",[517],{"version":518,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.1",{"ecosystem":9,"name":514,"vendor":514,"product":514,"cpe_part":515,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":520},[521,523],{"version":522,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":524,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2",{"ecosystem":9,"name":526,"vendor":527,"product":526,"cpe_part":515,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":528},"linux","oracle",[529,531,533],{"version":530,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"version":532,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":534,"is_range":74,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7"]