[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-2837":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":102,"related":103,"reserved_at":9,"published_at":113,"modified_at":114,"state":115,"summary":116,"references_raw":125,"kevs":189,"epss":190,"epss_history":193,"metrics":454,"affected":465},"CVE-2016-2837","Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100],{"_key":73},"RHSA-2016:1551",{"_key":75},"OPENSUSE-SU-2024:10071-1",{"_key":77},"SUSE-SU-2016:2061-1",{"_key":79},"SUSE-SU-2016:2131-1",{"_key":81},"SUSE-SU-2016:2195-1",{"_key":83},"OPENSUSE-SU-2016:2253-1",{"_key":85},"OPENSUSE-SU-2016:2254-1",{"_key":87},"OPENSUSE-SU-2024:10230-1",{"_key":89},"OPENSUSE-SU-2024:14572-1",{"_key":91},"DLA-585-1",{"_key":93},"DSA-3640-1",{"_key":95},"MGASA-2016-0278",{"_key":97},"UBUNTU-CVE-2016-2837",{"_key":99},"USN-3044-1",{"_key":101},"DEBIAN-CVE-2016-2837",[],[104,105,106,107,108,109,110,111,112],{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":95},"2016-08-05T01:00:00.000Z","2024-08-05T23:32:21.194Z","Modified",{"cisa_kev":117,"cisa_ransomware":117,"cisa_vendor":9,"epss_severity":118,"epss_score":119,"severity":120,"severity_score":121,"severity_version":122,"severity_source":123,"severity_vector":124,"severity_status":115},false,"low",0.00398,"medium",6.8,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:P/A:P",[126,133,138,144,149,154,159,164,170,175,180,185],{"url":127,"sources":128,"tags":130},"http://www.mozilla.org/security/announce/2016/mfsa2016-77.html",[129,123],"cve.org",[131,132],"X Refsource CONFIRM","Vendor Advisory",{"url":134,"sources":135,"tags":136},"http://www.debian.org/security/2016/dsa-3640",[129,123],[132,137],"X Refsource DEBIAN",{"url":139,"sources":140,"tags":141},"http://www.securitytracker.com/id/1036508",[129,123],[142,143],"VDB Entry","X Refsource SECTRACK",{"url":145,"sources":146,"tags":147},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",[129,123],[131,148],"Third Party Advisory",{"url":150,"sources":151,"tags":152},"http://www.ubuntu.com/usn/USN-3044-1",[129,123],[132,153],"X Refsource UBUNTU",{"url":155,"sources":156,"tags":157},"http://www.securityfocus.com/bid/92258",[129,123],[142,158],"X Refsource BID",{"url":160,"sources":161,"tags":162},"http://rhn.redhat.com/errata/RHSA-2016-1551.html",[129,123],[132,163],"X Refsource REDHAT",{"url":165,"sources":166,"tags":167},"https://bugzilla.mozilla.org/show_bug.cgi?id=1274637",[129,123],[131,168,169],"Issue Tracking","Permissions Required",{"url":171,"sources":172,"tags":173},"https://security.gentoo.org/glsa/201701-15",[129,123],[132,174],"X Refsource GENTOO",{"url":176,"sources":177,"tags":178},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html",[129,123],[132,179],"X Refsource SUSE",{"url":181,"sources":182,"tags":183},"http://www.zerodayinitiative.com/advisories/ZDI-16-673",[129,123],[184],"X Refsource MISC",{"url":186,"sources":187,"tags":188},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html",[129,123],[132,179],[],{"date":191,"score":119,"percentile":192},"2026-06-04",0.60908,[194,198,201,204,207,210,213,216,218,221,224,227,230,233,236,239,242,245,248,251,254,257,259,261,263,266,269,272,275,278,281,284,287,289,292,294,297,300,303,306,309,312,315,318,321,324,327,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,397,400,403,405,408,411,414,417,420,423,426,429,432,435,437,440,443,445,448,451],{"date":195,"score":196,"percentile":197},"2025-11-04",0.00458,0.63154,{"date":199,"score":196,"percentile":200},"2025-11-05",0.63136,{"date":202,"score":196,"percentile":203},"2025-11-06",0.63145,{"date":205,"score":196,"percentile":206},"2025-11-07",0.63162,{"date":208,"score":196,"percentile":209},"2025-11-08",0.63166,{"date":211,"score":196,"percentile":212},"2025-11-09",0.63159,{"date":214,"score":196,"percentile":215},"2025-11-10",0.63141,{"date":217,"score":196,"percentile":197},"2025-11-11",{"date":219,"score":196,"percentile":220},"2025-11-12",0.63175,{"date":222,"score":196,"percentile":223},"2025-11-13",0.6318,{"date":225,"score":196,"percentile":226},"2025-11-14",0.63191,{"date":228,"score":196,"percentile":229},"2025-11-15",0.63183,{"date":231,"score":196,"percentile":232},"2025-11-16",0.63173,{"date":234,"score":196,"percentile":235},"2025-11-17",0.63172,{"date":237,"score":196,"percentile":238},"2025-11-18",0.61312,{"date":240,"score":196,"percentile":241},"2025-11-19",0.61325,{"date":243,"score":196,"percentile":244},"2025-11-20",0.61315,{"date":246,"score":196,"percentile":247},"2025-11-21",0.63184,{"date":249,"score":196,"percentile":250},"2025-11-22",0.6319,{"date":252,"score":196,"percentile":253},"2025-11-23",0.6317,{"date":255,"score":196,"percentile":256},"2025-11-24",0.63164,{"date":258,"score":196,"percentile":209},"2025-11-25",{"date":260,"score":196,"percentile":253},"2025-11-26",{"date":262,"score":196,"percentile":220},"2025-11-27",{"date":264,"score":196,"percentile":265},"2025-11-28",0.63157,{"date":267,"score":196,"percentile":268},"2025-11-29",0.63128,{"date":270,"score":196,"percentile":271},"2025-11-30",0.63119,{"date":273,"score":196,"percentile":274},"2025-12-01",0.6329,{"date":276,"score":196,"percentile":277},"2025-12-02",0.63307,{"date":279,"score":196,"percentile":280},"2025-12-03",0.63309,{"date":282,"score":196,"percentile":283},"2025-12-04",0.63133,{"date":285,"score":196,"percentile":286},"2025-12-05",0.63146,{"date":288,"score":196,"percentile":286},"2025-12-06",{"date":290,"score":196,"percentile":291},"2025-12-07",0.63138,{"date":293,"score":196,"percentile":203},"2025-12-08",{"date":295,"score":196,"percentile":296},"2025-12-09",0.63178,{"date":298,"score":196,"percentile":299},"2025-12-10",0.63221,{"date":301,"score":196,"percentile":302},"2025-12-11",0.63235,{"date":304,"score":196,"percentile":305},"2025-12-12",0.63257,{"date":307,"score":196,"percentile":308},"2025-12-13",0.63264,{"date":310,"score":196,"percentile":311},"2025-12-14",0.63263,{"date":313,"score":196,"percentile":314},"2025-12-15",0.63254,{"date":316,"score":196,"percentile":317},"2025-12-16",0.63269,{"date":319,"score":196,"percentile":320},"2025-12-17",0.63283,{"date":322,"score":196,"percentile":323},"2025-12-18",0.63319,{"date":325,"score":196,"percentile":326},"2025-12-19",0.63335,{"date":328,"score":196,"percentile":326},"2025-12-20",{"date":330,"score":196,"percentile":331},"2025-12-21",0.63326,{"date":333,"score":196,"percentile":334},"2025-12-22",0.63316,{"date":336,"score":196,"percentile":337},"2025-12-23",0.6333,{"date":339,"score":196,"percentile":340},"2025-12-24",0.63338,{"date":342,"score":196,"percentile":343},"2025-12-25",0.63364,{"date":345,"score":196,"percentile":346},"2025-12-26",0.63363,{"date":348,"score":196,"percentile":349},"2025-12-27",0.63418,{"date":351,"score":196,"percentile":352},"2025-12-28",0.63341,{"date":354,"score":196,"percentile":355},"2025-12-29",0.63332,{"date":357,"score":196,"percentile":358},"2025-12-30",0.63347,{"date":360,"score":196,"percentile":361},"2025-12-31",0.63373,{"date":363,"score":196,"percentile":364},"2026-01-01",0.63563,{"date":366,"score":196,"percentile":367},"2026-01-02",0.63547,{"date":369,"score":196,"percentile":370},"2026-01-03",0.63546,{"date":372,"score":196,"percentile":373},"2026-01-04",0.63365,{"date":375,"score":196,"percentile":376},"2026-01-05",0.63358,{"date":378,"score":196,"percentile":379},"2026-01-06",0.63353,{"date":381,"score":196,"percentile":382},"2026-01-07",0.63374,{"date":384,"score":196,"percentile":385},"2026-01-08",0.63396,{"date":387,"score":196,"percentile":388},"2026-01-09",0.63399,{"date":390,"score":196,"percentile":391},"2026-01-10",0.63395,{"date":393,"score":196,"percentile":394},"2026-01-11",0.63383,{"date":396,"score":196,"percentile":346},"2026-01-12",{"date":398,"score":196,"percentile":399},"2026-01-13",0.6336,{"date":401,"score":119,"percentile":402},"2026-01-14",0.60026,{"date":404,"score":119,"percentile":402},"2026-01-15",{"date":406,"score":119,"percentile":407},"2026-01-16",0.60047,{"date":409,"score":119,"percentile":410},"2026-01-17",0.60042,{"date":412,"score":119,"percentile":413},"2026-01-18",0.6004,{"date":415,"score":119,"percentile":416},"2026-01-19",0.60021,{"date":418,"score":119,"percentile":419},"2026-01-20",0.60028,{"date":421,"score":119,"percentile":422},"2026-01-21",0.60031,{"date":424,"score":119,"percentile":425},"2026-01-22",0.60036,{"date":427,"score":119,"percentile":428},"2026-01-23",0.60075,{"date":430,"score":119,"percentile":431},"2026-01-24",0.60085,{"date":433,"score":119,"percentile":434},"2026-01-25",0.60049,{"date":436,"score":119,"percentile":413},"2026-01-26",{"date":438,"score":119,"percentile":439},"2026-01-27",0.60046,{"date":441,"score":119,"percentile":442},"2026-01-28",0.60056,{"date":444,"score":119,"percentile":442},"2026-01-29",{"date":446,"score":119,"percentile":447},"2026-01-30",0.60057,{"date":449,"score":119,"percentile":450},"2026-01-31",0.60063,{"date":452,"score":119,"percentile":453},"2026-02-01",0.60192,[455],{"source":123,"cvss_v2_0":456,"cvss_v3_0":459,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":121,"baseSeverity":9,"vectorString":124,"impactScore":457,"exploitabilityScore":458},6.4,8.6,{"baseScore":460,"baseSeverity":461,"vectorString":462,"impactScore":463,"exploitabilityScore":464},6.3,"MEDIUM","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",5.7,7.2,[466,485],{"ecosystem":9,"name":467,"vendor":468,"product":467,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":470},"firefox","mozilla","a",[471,477,479,481,483],{"version":472,"is_range":473,"range_type":474,"version_start":9,"version_start_type":9,"version_end":475,"version_end_type":476,"fixed_in":9},"lte47.0.1",true,"cpe","47.0.1","including",{"version":478,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"45.1.0",{"version":480,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"45.1.1",{"version":482,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"45.2.0",{"version":484,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"45.3.0",{"ecosystem":9,"name":486,"vendor":487,"product":486,"cpe_part":488,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":489},"linux","oracle","o",[490,492,494],{"version":491,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"version":493,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":495,"is_range":117,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7"]