{"url":"http://public2.vulnerablecode.io/api/packages/368987?format=json","purl":"pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.3-1jpp.1?arch=el5","type":"rpm","namespace":"redhat","name":"java-1.4.2-ibm","version":"1.4.2.13.3-1jpp.1","qualifiers":{"arch":"el5"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181828?format=json","vulnerability_id":"VCID-2rsz-ejpv-1ueh","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3867.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3867","reference_id":"","reference_type":"","scores":[{"value":"0.89141","scoring_system":"epss","scoring_elements":"0.99553","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3867"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533214","reference_id":"533214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533214"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33315.java","reference_id":"CVE-2009-3867;OSVDB-59711","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33315.java"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16294.rb","reference_id":"CVE-2009-3867;OSVDB-59711","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16294.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33316.java","reference_id":"CVE-2009-3867;OSVDB-59711","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33316.java"},{"reference_url":"https://www.securityfocus.com/bid/36881/info","reference_id":"CVE-2009-3867;OSVDB-59711","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36881/info"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-09-076/","reference_id":"CVE-2009-3867;OSVDB-59711","reference_type":"exploit","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-09-076/"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"}],"fixed_packages":[],"aliases":["CVE-2009-3867"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rsz-ejpv-1ueh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181835?format=json","vulnerability_id":"VCID-bbg6-wrje-r3f4","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3875.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3875","reference_id":"","reference_type":"","scores":[{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82425","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82487","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530057","reference_id":"530057","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530057"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3875"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbg6-wrje-r3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181831?format=json","vulnerability_id":"VCID-dgs4-7qg3-eyg6","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3871.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3871.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3871","reference_id":"","reference_type":"","scores":[{"value":"0.12545","scoring_system":"epss","scoring_elements":"0.94099","published_at":"2026-06-11T12:55:00Z"},{"value":"0.12545","scoring_system":"epss","scoring_elements":"0.94119","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3871"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530063","reference_id":"530063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530063"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3871"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgs4-7qg3-eyg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181840?format=json","vulnerability_id":"VCID-pbzf-pv1s-y3gr","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3877.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3877","reference_id":"","reference_type":"","scores":[{"value":"0.10153","scoring_system":"epss","scoring_elements":"0.93276","published_at":"2026-06-11T12:55:00Z"},{"value":"0.10153","scoring_system":"epss","scoring_elements":"0.93298","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3877"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530061","reference_id":"530061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530061"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1551","reference_id":"RHSA-2009:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1662","reference_id":"RHSA-2009:1662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3877"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbzf-pv1s-y3gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181834?format=json","vulnerability_id":"VCID-ptar-xuhb-f7gv","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3874.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3874.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3874","reference_id":"","reference_type":"","scores":[{"value":"0.16847","scoring_system":"epss","scoring_elements":"0.95104","published_at":"2026-06-11T12:55:00Z"},{"value":"0.16847","scoring_system":"epss","scoring_elements":"0.9512","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3874"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530067","reference_id":"530067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530067"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3874"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptar-xuhb-f7gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181830?format=json","vulnerability_id":"VCID-pwmh-3u9n-xbay","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3869.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3869.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3869","reference_id":"","reference_type":"","scores":[{"value":"0.78477","scoring_system":"epss","scoring_elements":"0.9906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.78477","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3869"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530062","reference_id":"530062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530062"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16298.rb","reference_id":"CVE-2009-3869;OSVDB-59710","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16298.rb"},{"reference_url":"http://www.zerodayinitiative.com/advisories/ZDI-09-078/","reference_id":"CVE-2009-3869;OSVDB-59710","reference_type":"exploit","scores":[],"url":"http://www.zerodayinitiative.com/advisories/ZDI-09-078/"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3869"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwmh-3u9n-xbay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181836?format=json","vulnerability_id":"VCID-q988-1gh2-87bq","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3876.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3876","reference_id":"","reference_type":"","scores":[{"value":"0.11021","scoring_system":"epss","scoring_elements":"0.93603","published_at":"2026-06-11T12:55:00Z"},{"value":"0.11021","scoring_system":"epss","scoring_elements":"0.93624","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530061","reference_id":"530061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530061"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1551","reference_id":"RHSA-2009:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1662","reference_id":"RHSA-2009:1662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3876"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q988-1gh2-87bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181829?format=json","vulnerability_id":"VCID-swbr-25ac-ffds","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3868.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3868","reference_id":"","reference_type":"","scores":[{"value":"0.1314","scoring_system":"epss","scoring_elements":"0.94282","published_at":"2026-06-11T12:55:00Z"},{"value":"0.1314","scoring_system":"epss","scoring_elements":"0.94302","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533215","reference_id":"533215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533215"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1551","reference_id":"RHSA-2009:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"}],"fixed_packages":[],"aliases":["CVE-2009-3868"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swbr-25ac-ffds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181832?format=json","vulnerability_id":"VCID-xtqp-h3n1-6qaw","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3872.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3872.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3872","reference_id":"","reference_type":"","scores":[{"value":"0.1173","scoring_system":"epss","scoring_elements":"0.93854","published_at":"2026-06-11T12:55:00Z"},{"value":"0.1173","scoring_system":"epss","scoring_elements":"0.93874","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3872"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=532906","reference_id":"532906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=532906"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1551","reference_id":"RHSA-2009:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"}],"fixed_packages":[],"aliases":["CVE-2009-3872"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtqp-h3n1-6qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181833?format=json","vulnerability_id":"VCID-zd7x-xncx-5uc6","summary":"Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n    including the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3873.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3873","reference_id":"","reference_type":"","scores":[{"value":"0.11882","scoring_system":"epss","scoring_elements":"0.93901","published_at":"2026-06-11T12:55:00Z"},{"value":"0.11882","scoring_system":"epss","scoring_elements":"0.9392","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530053","reference_id":"530053","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530053"},{"reference_url":"https://security.gentoo.org/glsa/200911-02","reference_id":"GLSA-200911-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200911-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1551","reference_id":"RHSA-2009:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1560","reference_id":"RHSA-2009:1560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1571","reference_id":"RHSA-2009:1571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1584","reference_id":"RHSA-2009:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1643","reference_id":"RHSA-2009:1643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1647","reference_id":"RHSA-2009:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1662","reference_id":"RHSA-2009:1662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/859-1/","reference_id":"USN-859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/859-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3873"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zd7x-xncx-5uc6"}],"fixing_vulnerabilities":[],"risk_score":"1.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.4.2-ibm@1.4.2.13.3-1jpp.1%3Farch=el5"}