Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/thunderbird@2.0.0.22-2?arch=el5_3

Type rpm

Namespace redhat

Name thunderbird

Version 2.0.0.22-2

Qualifiers

arch	el5_3

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-1ntj-aahx-37hu

vulnerability_id

VCID-1ntj-aahx-37hu

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1833

reference_id

reference_type

scores

value	0.1037
scoring_system	epss
scoring_elements	0.93233
published_at	2026-04-21T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93176
published_at	2026-04-01T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93186
published_at	2026-04-02T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.9319
published_at	2026-04-04T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93188
published_at	2026-04-07T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93197
published_at	2026-04-08T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93201
published_at	2026-04-09T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93206
published_at	2026-04-11T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93203
published_at	2026-04-12T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93205
published_at	2026-04-13T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.9322
published_at	2026-04-16T12:55:00Z

value	0.1037
scoring_system	epss
scoring_elements	0.93225
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1833

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503570
reference_id	503570
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503570

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833
reference_id	CVE-2009-1833
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-24

reference_id

mfsa2009-24

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-24

reference_url	https://access.redhat.com/errata/RHSA-2009:1095
reference_id	RHSA-2009:1095
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1095

reference_url	https://access.redhat.com/errata/RHSA-2009:1096
reference_id	RHSA-2009:1096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1096

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/779-1/
reference_id	USN-779-1
reference_type
scores
url	https://usn.ubuntu.com/779-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1833

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntj-aahx-37hu

url

VCID-33yw-68n5-kfb3

vulnerability_id

VCID-33yw-68n5-kfb3

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1303

reference_id

reference_type

scores

value	0.02802
scoring_system	epss
scoring_elements	0.86133
published_at	2026-04-21T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86053
published_at	2026-04-01T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86064
published_at	2026-04-02T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.8608
published_at	2026-04-04T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86079
published_at	2026-04-07T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86099
published_at	2026-04-08T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86109
published_at	2026-04-09T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86124
published_at	2026-04-11T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86122
published_at	2026-04-12T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86118
published_at	2026-04-13T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86136
published_at	2026-04-16T12:55:00Z

value	0.02802
scoring_system	epss
scoring_elements	0.86141
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1303

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496253
reference_id	496253
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496253

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303
reference_id	CVE-2009-1303
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-14

reference_id

mfsa2009-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-14

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:0437
reference_id	RHSA-2009:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0437

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1303

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-33yw-68n5-kfb3

url

VCID-44gu-7x3j-hydk

vulnerability_id

VCID-44gu-7x3j-hydk

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1836

reference_id

reference_type

scores

value	0.02032
scoring_system	epss
scoring_elements	0.83838
published_at	2026-04-21T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83738
published_at	2026-04-01T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83751
published_at	2026-04-02T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83766
published_at	2026-04-04T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83768
published_at	2026-04-07T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83792
published_at	2026-04-08T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83799
published_at	2026-04-09T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83814
published_at	2026-04-11T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83808
published_at	2026-04-12T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83804
published_at	2026-04-13T12:55:00Z

value	0.02032
scoring_system	epss
scoring_elements	0.83837
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1836

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503578
reference_id	503578
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503578

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836
reference_id	CVE-2009-1836
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-27

reference_id

mfsa2009-27

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-27

reference_url	https://access.redhat.com/errata/RHSA-2009:1095
reference_id	RHSA-2009:1095
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1095

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/779-1/
reference_id	USN-779-1
reference_type
scores
url	https://usn.ubuntu.com/779-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1836

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-44gu-7x3j-hydk

url

VCID-b7zf-d56n-ekek

vulnerability_id

VCID-b7zf-d56n-ekek

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1308.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1308.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1308

reference_id

reference_type

scores

value	0.01099
scoring_system	epss
scoring_elements	0.78062
published_at	2026-04-21T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.77978
published_at	2026-04-01T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.77986
published_at	2026-04-02T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78015
published_at	2026-04-04T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.77998
published_at	2026-04-07T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78024
published_at	2026-04-08T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78028
published_at	2026-04-09T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78055
published_at	2026-04-11T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78037
published_at	2026-04-12T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78035
published_at	2026-04-13T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78071
published_at	2026-04-16T12:55:00Z

value	0.01099
scoring_system	epss
scoring_elements	0.78069
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1308

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496266
reference_id	496266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496266

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308
reference_id	CVE-2009-1308
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-18

reference_id

mfsa2009-18

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-18

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1308

risk_score

1.4

exploitability

0.5

weighted_severity

2.7

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-b7zf-d56n-ekek

url

VCID-bf27-12ap-bbau

vulnerability_id

VCID-bf27-12ap-bbau

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1305

reference_id

reference_type

scores

value	0.04708
scoring_system	epss
scoring_elements	0.8938
published_at	2026-04-21T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89327
published_at	2026-04-01T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89332
published_at	2026-04-02T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89343
published_at	2026-04-04T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89345
published_at	2026-04-07T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89362
published_at	2026-04-08T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89366
published_at	2026-04-09T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89375
published_at	2026-04-11T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89372
published_at	2026-04-12T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89368
published_at	2026-04-13T12:55:00Z

value	0.04708
scoring_system	epss
scoring_elements	0.89384
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1305

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496256
reference_id	496256
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496256

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305
reference_id	CVE-2009-1305
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-14

reference_id

mfsa2009-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-14

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:0437
reference_id	RHSA-2009:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0437

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1305

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bf27-12ap-bbau

url VCID-j2c7-myq6-ubbh

vulnerability_id VCID-j2c7-myq6-ubbh

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2210.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2210

reference_id

reference_type

scores

value	0.05533
scoring_system	epss
scoring_elements	0.90213
published_at	2026-04-01T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90216
published_at	2026-04-02T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90229
published_at	2026-04-04T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90233
published_at	2026-04-07T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90249
published_at	2026-04-08T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90256
published_at	2026-04-09T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90264
published_at	2026-04-11T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90263
published_at	2026-04-12T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90258
published_at	2026-04-13T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.90274
published_at	2026-04-18T12:55:00Z

value	0.05533
scoring_system	epss
scoring_elements	0.9027
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2210

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=507812
reference_id	507812
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=507812

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://access.redhat.com/errata/RHSA-2009:1134
reference_id	RHSA-2009:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1134

fixed_packages

aliases CVE-2009-2210

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2c7-myq6-ubbh

url

VCID-j3ev-79tv-6ybf

vulnerability_id

VCID-j3ev-79tv-6ybf

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1307

reference_id

reference_type

scores

value	0.01373
scoring_system	epss
scoring_elements	0.8027
published_at	2026-04-21T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80182
published_at	2026-04-01T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80189
published_at	2026-04-02T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80209
published_at	2026-04-04T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80198
published_at	2026-04-07T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80227
published_at	2026-04-08T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80237
published_at	2026-04-09T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80255
published_at	2026-04-11T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.8024
published_at	2026-04-12T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80234
published_at	2026-04-13T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80264
published_at	2026-04-16T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80266
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1307

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496263
reference_id	496263
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496263

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307
reference_id	CVE-2009-1307
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-17

reference_id

mfsa2009-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-17

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:0437
reference_id	RHSA-2009:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0437

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1307

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ev-79tv-6ybf

url

VCID-k9rr-wea1-v3f7

vulnerability_id

VCID-k9rr-wea1-v3f7

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1309

reference_id

reference_type

scores

value	0.01757
scoring_system	epss
scoring_elements	0.82631
published_at	2026-04-21T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82526
published_at	2026-04-01T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.8254
published_at	2026-04-02T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82555
published_at	2026-04-04T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82551
published_at	2026-04-07T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82577
published_at	2026-04-08T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82585
published_at	2026-04-09T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82603
published_at	2026-04-11T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82597
published_at	2026-04-12T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.8259
published_at	2026-04-13T12:55:00Z

value	0.01757
scoring_system	epss
scoring_elements	0.82627
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1309

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496267
reference_id	496267
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496267

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309
reference_id	CVE-2009-1309
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-19

reference_id

mfsa2009-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-19

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:0437
reference_id	RHSA-2009:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0437

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1309

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-k9rr-wea1-v3f7

url

VCID-r4x1-akj3-b3hr

vulnerability_id

VCID-r4x1-akj3-b3hr

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1838

reference_id

reference_type

scores

value	0.04629
scoring_system	epss
scoring_elements	0.8929
published_at	2026-04-18T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89231
published_at	2026-04-01T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89237
published_at	2026-04-02T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89251
published_at	2026-04-04T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89254
published_at	2026-04-07T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89271
published_at	2026-04-08T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89276
published_at	2026-04-09T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89285
published_at	2026-04-21T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89281
published_at	2026-04-12T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89277
published_at	2026-04-13T12:55:00Z

value	0.04629
scoring_system	epss
scoring_elements	0.89291
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1838

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503580
reference_id	503580
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503580

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838
reference_id	CVE-2009-1838
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-29

reference_id

mfsa2009-29

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-29

reference_url	https://access.redhat.com/errata/RHSA-2009:1095
reference_id	RHSA-2009:1095
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1095

reference_url	https://access.redhat.com/errata/RHSA-2009:1096
reference_id	RHSA-2009:1096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1096

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/779-1/
reference_id	USN-779-1
reference_type
scores
url	https://usn.ubuntu.com/779-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1838

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-r4x1-akj3-b3hr

url VCID-vx2r-t51d-73h5

vulnerability_id VCID-vx2r-t51d-73h5

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1306

reference_id

reference_type

scores

value	0.01841
scoring_system	epss
scoring_elements	0.82999
published_at	2026-04-21T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82893
published_at	2026-04-01T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82909
published_at	2026-04-02T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82922
published_at	2026-04-04T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82918
published_at	2026-04-07T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82943
published_at	2026-04-08T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.8295
published_at	2026-04-09T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82966
published_at	2026-04-11T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82961
published_at	2026-04-12T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82957
published_at	2026-04-13T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82995
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1306

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496262
reference_id	496262
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496262

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306
reference_id	CVE-2009-1306
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-16

reference_id

mfsa2009-16

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-16

reference_url	https://access.redhat.com/errata/RHSA-2009:0436
reference_id	RHSA-2009:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0436

reference_url	https://access.redhat.com/errata/RHSA-2009:0437
reference_id	RHSA-2009:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0437

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/764-1/
reference_id	USN-764-1
reference_type
scores
url	https://usn.ubuntu.com/764-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases CVE-2009-1306

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vx2r-t51d-73h5

url

VCID-y9uf-pn44-7qcj

vulnerability_id

VCID-y9uf-pn44-7qcj

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1392

reference_id

reference_type

scores

value	0.15734
scoring_system	epss
scoring_elements	0.94737
published_at	2026-04-21T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94684
published_at	2026-04-01T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94692
published_at	2026-04-02T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94696
published_at	2026-04-04T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94698
published_at	2026-04-07T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94708
published_at	2026-04-08T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94712
published_at	2026-04-09T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94716
published_at	2026-04-11T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.9472
published_at	2026-04-12T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94721
published_at	2026-04-13T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.9473
published_at	2026-04-16T12:55:00Z

value	0.15734
scoring_system	epss
scoring_elements	0.94732
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1392

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503568
reference_id	503568
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503568

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392
reference_id	CVE-2009-1392
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-24

reference_id

mfsa2009-24

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-24

reference_url	https://access.redhat.com/errata/RHSA-2009:1095
reference_id	RHSA-2009:1095
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1095

reference_url	https://access.redhat.com/errata/RHSA-2009:1096
reference_id	RHSA-2009:1096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1096

reference_url	https://access.redhat.com/errata/RHSA-2009:1125
reference_id	RHSA-2009:1125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1125

reference_url	https://access.redhat.com/errata/RHSA-2009:1126
reference_id	RHSA-2009:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1126

reference_url	https://usn.ubuntu.com/779-1/
reference_id	USN-779-1
reference_type
scores
url	https://usn.ubuntu.com/779-1/

reference_url	https://usn.ubuntu.com/782-1/
reference_id	USN-782-1
reference_type
scores
url	https://usn.ubuntu.com/782-1/

fixed_packages

aliases

CVE-2009-1392

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-y9uf-pn44-7qcj

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@2.0.0.22-2%3Farch=el5_3

Package Instance