Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/128411?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/128411?format=api", "purl": "pkg:rpm/redhat/firefox@3.0.11-2?arch=el5_3", "type": "rpm", "namespace": "redhat", "name": "firefox", "version": "3.0.11-2", "qualifiers": { "arch": "el5_3" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52620?format=api", "vulnerability_id": "VCID-1ntj-aahx-37hu", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.9322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93176", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.9319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93205", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1833" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503570", "reference_id": "503570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833", "reference_id": "CVE-2009-1833", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24", "reference_id": "mfsa2009-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1096", "reference_id": "RHSA-2009:1096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1125", "reference_id": "RHSA-2009:1125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1126", "reference_id": "RHSA-2009:1126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1126" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" }, { "reference_url": "https://usn.ubuntu.com/782-1/", "reference_id": "USN-782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/782-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1833" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntj-aahx-37hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52659?format=api", "vulnerability_id": "VCID-44gu-7x3j-hydk", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83738", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83766", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83768", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83792", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83799", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02032", "scoring_system": "epss", "scoring_elements": "0.83804", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1836" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503578", "reference_id": "503578", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836", "reference_id": "CVE-2009-1836", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-27", "reference_id": "mfsa2009-27", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1126", "reference_id": "RHSA-2009:1126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1126" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" }, { "reference_url": "https://usn.ubuntu.com/782-1/", "reference_id": "USN-782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/782-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1836" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44gu-7x3j-hydk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52671?format=api", "vulnerability_id": "VCID-57n8-64qu-myak", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1837.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1837.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84296", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84309", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84353", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84369", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02184", "scoring_system": "epss", "scoring_elements": "0.84365", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1837" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503579", "reference_id": "503579", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837", "reference_id": "CVE-2009-1837", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-28", "reference_id": "mfsa2009-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1837" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57n8-64qu-myak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52732?format=api", "vulnerability_id": "VCID-9qwt-b4rw-1bgp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88732", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.8876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88777", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88782", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04241", "scoring_system": "epss", "scoring_elements": "0.88789", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1841" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503583", "reference_id": "503583", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841", "reference_id": "CVE-2009-1841", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-32", "reference_id": "mfsa2009-32", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1096", "reference_id": "RHSA-2009:1096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1096" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" }, { "reference_url": "https://usn.ubuntu.com/782-1/", "reference_id": "USN-782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/782-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1841" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9qwt-b4rw-1bgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52604?format=api", "vulnerability_id": "VCID-db18-kk74-8qdn", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1832.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1832.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.9322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93176", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.9319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1037", "scoring_system": "epss", "scoring_elements": "0.93205", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1832" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503569", "reference_id": "503569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1832", "reference_id": "CVE-2009-1832", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1832" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24", "reference_id": "mfsa2009-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1832" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-db18-kk74-8qdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52644?format=api", "vulnerability_id": "VCID-k3ye-858q-x3ew", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81441", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.8134", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81349", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81371", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81397", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81402", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81411", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01548", "scoring_system": "epss", "scoring_elements": "0.81404", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1835" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503576", "reference_id": "503576", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835", "reference_id": "CVE-2009-1835", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-26", "reference_id": "mfsa2009-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1096", "reference_id": "RHSA-2009:1096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1096" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1835" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ye-858q-x3ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52722?format=api", "vulnerability_id": "VCID-pgaf-4nfj-57df", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1840.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80365", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80284", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80291", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80299", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80327", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80357", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01388", "scoring_system": "epss", "scoring_elements": "0.80335", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1840" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503582", "reference_id": "503582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1840", "reference_id": "CVE-2009-1840", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1840" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-31", "reference_id": "mfsa2009-31", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-31" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1840" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgaf-4nfj-57df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52629?format=api", "vulnerability_id": "VCID-phpq-mxd3-zfe1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1834.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93572", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93518", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93543", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93546", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93552", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11374", "scoring_system": "epss", "scoring_elements": "0.93553", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1834" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503573", "reference_id": "503573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503573" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1834", "reference_id": "CVE-2009-1834", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1834" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33039.txt", "reference_id": "CVE-2009-1834;OSVDB-55162", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33039.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35388/info", "reference_id": "CVE-2009-1834;OSVDB-55162", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35388/info" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-25", "reference_id": "mfsa2009-25", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1834" ], "risk_score": 5.4, "exploitability": "2.0", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phpq-mxd3-zfe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52692?format=api", "vulnerability_id": "VCID-r4x1-akj3-b3hr", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89291", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89231", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89237", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89251", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89254", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89271", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89276", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89281", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04629", "scoring_system": "epss", "scoring_elements": "0.89277", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1838" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503580", "reference_id": "503580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503580" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838", "reference_id": "CVE-2009-1838", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-29", "reference_id": "mfsa2009-29", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1096", "reference_id": "RHSA-2009:1096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1125", "reference_id": "RHSA-2009:1125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1126", "reference_id": "RHSA-2009:1126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1126" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" }, { "reference_url": "https://usn.ubuntu.com/782-1/", "reference_id": "USN-782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/782-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1838" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4x1-akj3-b3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52549?format=api", "vulnerability_id": "VCID-y9uf-pn44-7qcj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.9473", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94696", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94698", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94708", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94712", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94716", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.9472", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.15734", "scoring_system": "epss", "scoring_elements": "0.94721", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1392" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503568", "reference_id": "503568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392", "reference_id": "CVE-2009-1392", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24", "reference_id": "mfsa2009-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1096", "reference_id": "RHSA-2009:1096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1125", "reference_id": "RHSA-2009:1125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1126", "reference_id": "RHSA-2009:1126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1126" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" }, { "reference_url": "https://usn.ubuntu.com/782-1/", "reference_id": "USN-782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/782-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1392" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9uf-pn44-7qcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52703?format=api", "vulnerability_id": "VCID-z3x8-v5u2-6yak", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1839.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94611", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94561", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94575", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94577", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94587", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94594", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15161", "scoring_system": "epss", "scoring_elements": "0.94597", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1839" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503581", "reference_id": "503581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1839", "reference_id": "CVE-2009-1839", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1839" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/10544.html", "reference_id": "CVE-2009-1839;OSVDB-55163", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/10544.html" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-30", "reference_id": "mfsa2009-30", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1095", "reference_id": "RHSA-2009:1095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1095" }, { "reference_url": "https://usn.ubuntu.com/779-1/", "reference_id": "USN-779-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/779-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1839" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3x8-v5u2-6yak" } ], "fixing_vulnerabilities": [], "risk_score": "5.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.11-2%3Farch=el5_3" }