Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/86692?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "type": "mozilla", "namespace": "", "name": "Firefox", "version": "3.5.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.5.1", "latest_non_vulnerable_version": "150.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52907?format=api", "vulnerability_id": "VCID-4pkw-rf7p-rqbf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2471.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2471.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84179", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84047", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.8406", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84102", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84108", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84126", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.8412", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84138", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84139", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84167", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02113", "scoring_system": "epss", "scoring_elements": "0.84173", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2471" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512146", "reference_id": "512146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2471", "reference_id": "CVE-2009-2471", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2471" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-39", "reference_id": "mfsa2009-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1162", "reference_id": "RHSA-2009:1162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1162" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86693?format=api", "purl": "pkg:mozilla/Firefox@3.0.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2471" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pkw-rf7p-rqbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52909?format=api", "vulnerability_id": "VCID-c6yd-eygs-aub9", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2472.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72086", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71961", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71969", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71965", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72004", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.7204", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72024", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72049", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72057", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72042", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72085", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72092", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2472" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512147", "reference_id": "512147", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2472", "reference_id": "CVE-2009-2472", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2472" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-40", "reference_id": "mfsa2009-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-40" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1162", "reference_id": "RHSA-2009:1162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1162" }, { "reference_url": "https://usn.ubuntu.com/798-1/", "reference_id": "USN-798-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/798-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86693?format=api", "purl": "pkg:mozilla/Firefox@3.0.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2472" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6yd-eygs-aub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52831?format=api", "vulnerability_id": "VCID-frwk-mbxe-jbhp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2404.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95658", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95606", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95615", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.9562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95623", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95631", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.9564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.9565", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95654", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95655", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21024", "scoring_system": "epss", "scoring_elements": "0.95656", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2404" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912", "reference_id": "512912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934", "reference_id": "539934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404", "reference_id": "CVE-2009-2404", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-43", "reference_id": "mfsa2009-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1184", "reference_id": "RHSA-2009:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1185", "reference_id": "RHSA-2009:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1186", "reference_id": "RHSA-2009:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1190", "reference_id": "RHSA-2009:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1207", "reference_id": "RHSA-2009:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1207" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86702?format=api", "purl": "pkg:mozilla/Firefox@3.0.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2404" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frwk-mbxe-jbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36548?format=api", "vulnerability_id": "VCID-qe3v-4hsx-syec", "summary": "Multiple vulnerabilities have been found in Pango, the worst of\n which allow execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.96021", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95969", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95983", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.95998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.96002", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.96004", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.96014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.96019", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.23738", "scoring_system": "epss", "scoring_elements": "0.9602", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2468", "reference_id": "CVE-2009-2468", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2468" }, { "reference_url": "https://security.gentoo.org/glsa/201405-13", "reference_id": "GLSA-201405-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-36", "reference_id": "mfsa2009-36", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86693?format=api", "purl": "pkg:mozilla/Firefox@3.0.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2468" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qe3v-4hsx-syec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52841?format=api", "vulnerability_id": "VCID-uytp-sf6j-xyf6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2408.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.83095", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.83088", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.83054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.83057", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01855", "scoring_system": "epss", "scoring_elements": "0.8308", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85346", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85349", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85274", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02503", "scoring_system": "epss", "scoring_elements": "0.85307", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03361", "scoring_system": "epss", "scoring_elements": "0.87363", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2408" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251", "reference_id": "510251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934", "reference_id": "539934", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408", "reference_id": "CVE-2009-2408", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-42", "reference_id": "mfsa2009-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1184", "reference_id": "RHSA-2009:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1186", "reference_id": "RHSA-2009:1186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1190", "reference_id": "RHSA-2009:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1207", "reference_id": "RHSA-2009:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1432", "reference_id": "RHSA-2009:1432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1432" }, { "reference_url": "https://usn.ubuntu.com/810-1/", "reference_id": "USN-810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86702?format=api", "purl": "pkg:mozilla/Firefox@3.0.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2408" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uytp-sf6j-xyf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52857?format=api", "vulnerability_id": "VCID-v7mb-nqbm-93bs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2462.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87548", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87458", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87468", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87481", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87483", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87503", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87509", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87516", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87513", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87527", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87529", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87543", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.8755", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512128", "reference_id": "512128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2462", "reference_id": "CVE-2009-2462", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2462" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-34", "reference_id": "mfsa2009-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-34" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1162", "reference_id": "RHSA-2009:1162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1163", "reference_id": "RHSA-2009:1163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0153", "reference_id": "RHSA-2010:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0154", "reference_id": "RHSA-2010:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0154" }, { "reference_url": "https://usn.ubuntu.com/798-1/", "reference_id": "USN-798-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/798-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86693?format=api", "purl": "pkg:mozilla/Firefox@3.0.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2462" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7mb-nqbm-93bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52898?format=api", "vulnerability_id": "VCID-vcf4-bvnh-mkak", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2469.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88652", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88566", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88575", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88618", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.8863", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88623", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88633", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88631", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88647", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04119", "scoring_system": "epss", "scoring_elements": "0.88653", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2469" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512142", "reference_id": "512142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2469", "reference_id": "CVE-2009-2469", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2469" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-37", "reference_id": "mfsa2009-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1162", "reference_id": "RHSA-2009:1162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1162" }, { "reference_url": "https://usn.ubuntu.com/798-1/", "reference_id": "USN-798-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/798-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86693?format=api", "purl": "pkg:mozilla/Firefox@3.0.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/86692?format=api", "purl": "pkg:mozilla/Firefox@3.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" } ], "aliases": [ "CVE-2009-2469" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vcf4-bvnh-mkak" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.0" }