{"url":"http://public2.vulnerablecode.io/api/packages/128407?format=json","purl":"pkg:rpm/redhat/thunderbird@1.5.0.12-23?arch=el4","type":"rpm","namespace":"redhat","name":"thunderbird","version":"1.5.0.12-23","qualifiers":{"arch":"el4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52620?format=json","vulnerability_id":"VCID-1ntj-aahx-37hu","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1833","reference_id":"","reference_type":"","scores":[{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93292","published_at":"2026-05-15T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93176","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.9319","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93188","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93205","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.9322","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93225","published_at":"2026-04-18T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93233","published_at":"2026-04-21T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93238","published_at":"2026-04-24T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93236","published_at":"2026-04-26T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93231","published_at":"2026-04-29T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93239","published_at":"2026-05-05T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93253","published_at":"2026-05-07T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93262","published_at":"2026-05-11T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.9327","published_at":"2026-05-12T12:55:00Z"},{"value":"0.1037","scoring_system":"epss","scoring_elements":"0.93285","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1833"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503570","reference_id":"503570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833","reference_id":"CVE-2009-1833","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1833"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24","reference_id":"mfsa2009-24","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1833"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntj-aahx-37hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52497?format=json","vulnerability_id":"VCID-33yw-68n5-kfb3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1303","reference_id":"","reference_type":"","scores":[{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86281","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.8608","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86099","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86122","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86136","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86141","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86133","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86164","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86204","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86223","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86219","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86232","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86271","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496253","reference_id":"496253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303","reference_id":"CVE-2009-1303","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1303"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33yw-68n5-kfb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52509?format=json","vulnerability_id":"VCID-bf27-12ap-bbau","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1305","reference_id":"","reference_type":"","scores":[{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89486","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89327","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89332","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89343","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89345","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89362","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89366","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89375","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89384","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.8938","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89402","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89404","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89413","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89432","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89445","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89444","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89455","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89476","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496256","reference_id":"496256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305","reference_id":"CVE-2009-1305","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1305"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bf27-12ap-bbau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52814?format=json","vulnerability_id":"VCID-j2c7-myq6-ubbh","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2210.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2210","reference_id":"","reference_type":"","scores":[{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90213","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90229","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90233","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90256","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90263","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90258","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90274","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.9027","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90285","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90284","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90281","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90293","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90309","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.9032","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90316","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90325","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90339","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05533","scoring_system":"epss","scoring_elements":"0.90347","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2210"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=507812","reference_id":"507812","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=507812"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1134","reference_id":"RHSA-2009:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1134"}],"fixed_packages":[],"aliases":["CVE-2009-2210"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2c7-myq6-ubbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52516?format=json","vulnerability_id":"VCID-j3ev-79tv-6ybf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307","reference_id":"","reference_type":"","scores":[{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80429","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80198","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80227","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.8024","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80234","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80266","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.8027","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80296","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80302","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80319","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80334","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80356","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80368","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80384","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80425","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263","reference_id":"496263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307","reference_id":"CVE-2009-1307","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17","reference_id":"mfsa2009-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1307"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ev-79tv-6ybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52526?format=json","vulnerability_id":"VCID-k9rr-wea1-v3f7","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1309","reference_id":"","reference_type":"","scores":[{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82791","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.8254","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82551","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82577","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82585","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82597","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.8259","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82627","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82652","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82662","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82686","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82708","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82729","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82727","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82742","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.82782","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1309"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496267","reference_id":"496267","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309","reference_id":"CVE-2009-1309","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-19","reference_id":"mfsa2009-19","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1309"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k9rr-wea1-v3f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52692?format=json","vulnerability_id":"VCID-r4x1-akj3-b3hr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838","reference_id":"","reference_type":"","scores":[{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8939","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89231","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89271","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89285","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89281","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89303","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89308","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89311","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8932","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89338","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89361","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8938","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580","reference_id":"503580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838","reference_id":"CVE-2009-1838","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29","reference_id":"mfsa2009-29","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1838"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4x1-akj3-b3hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52513?format=json","vulnerability_id":"VCID-vx2r-t51d-73h5","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1306","reference_id":"","reference_type":"","scores":[{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83161","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82893","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82909","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82918","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.8295","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82966","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82961","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82957","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82995","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.82999","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.8303","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83036","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83058","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83078","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83099","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83114","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.8315","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1306"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496262","reference_id":"496262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496262"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306","reference_id":"CVE-2009-1306","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-16","reference_id":"mfsa2009-16","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1306"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx2r-t51d-73h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52549?format=json","vulnerability_id":"VCID-y9uf-pn44-7qcj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392","reference_id":"","reference_type":"","scores":[{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94791","published_at":"2026-05-15T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94696","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9472","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94721","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94746","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94755","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9477","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94776","published_at":"2026-05-12T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94788","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568","reference_id":"503568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392","reference_id":"CVE-2009-1392","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24","reference_id":"mfsa2009-24","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1392"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y9uf-pn44-7qcj"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.12-23%3Farch=el4"}