{"url":"http://public2.vulnerablecode.io/api/packages/369308?format=json","purl":"pkg:rpm/redhat/firefox@3.0.9-1?arch=el4","type":"rpm","namespace":"redhat","name":"firefox","version":"3.0.9-1","qualifiers":{"arch":"el4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182522?format=json","vulnerability_id":"VCID-1d7e-xjff-wue1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0652.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0652","reference_id":"","reference_type":"","scores":[{"value":"0.02133","scoring_system":"epss","scoring_elements":"0.84553","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02133","scoring_system":"epss","scoring_elements":"0.84607","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=486704","reference_id":"486704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=486704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0652","reference_id":"CVE-2009-0652","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0652"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-15","reference_id":"mfsa2009-15","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0652"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d7e-xjff-wue1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182544?format=json","vulnerability_id":"VCID-5kgu-56f8-ebfx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1308.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1308","reference_id":"","reference_type":"","scores":[{"value":"0.01099","scoring_system":"epss","scoring_elements":"0.78445","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01099","scoring_system":"epss","scoring_elements":"0.78512","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1308"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496266","reference_id":"496266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308","reference_id":"CVE-2009-1308","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-18","reference_id":"mfsa2009-18","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1308"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kgu-56f8-ebfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182536?format=json","vulnerability_id":"VCID-6h8a-ryte-m7er","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1306.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1306","reference_id":"","reference_type":"","scores":[{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83373","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01841","scoring_system":"epss","scoring_elements":"0.83434","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1306"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496262","reference_id":"496262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496262"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306","reference_id":"CVE-2009-1306","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-16","reference_id":"mfsa2009-16","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1306"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h8a-ryte-m7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182537?format=json","vulnerability_id":"VCID-7pyt-c48f-sbe3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307","reference_id":"","reference_type":"","scores":[{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80649","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80709","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263","reference_id":"496263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307","reference_id":"CVE-2009-1307","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17","reference_id":"mfsa2009-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1307"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pyt-c48f-sbe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182552?format=json","vulnerability_id":"VCID-dzfn-e9kq-gbfv","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1309","reference_id":"","reference_type":"","scores":[{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83063","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1309"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496267","reference_id":"496267","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309","reference_id":"CVE-2009-1309","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-19","reference_id":"mfsa2009-19","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1309"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzfn-e9kq-gbfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182532?format=json","vulnerability_id":"VCID-ep4e-weez-k3et","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1302.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1302.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1302","reference_id":"","reference_type":"","scores":[{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.89232","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.8927","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1302"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496252","reference_id":"496252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1302","reference_id":"CVE-2009-1302","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1302"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1302"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ep4e-weez-k3et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182533?format=json","vulnerability_id":"VCID-j53j-vc3a-wuds","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1303","reference_id":"","reference_type":"","scores":[{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86437","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02802","scoring_system":"epss","scoring_elements":"0.86488","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496253","reference_id":"496253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303","reference_id":"CVE-2009-1303","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1303"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j53j-vc3a-wuds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182555?format=json","vulnerability_id":"VCID-qvc3-r29k-eff2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1311.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1311.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1311","reference_id":"","reference_type":"","scores":[{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.79119","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.79184","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1311"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496271","reference_id":"496271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311","reference_id":"CVE-2009-1311","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-21","reference_id":"mfsa2009-21","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1311"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qvc3-r29k-eff2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182534?format=json","vulnerability_id":"VCID-t4a5-v1td-6khy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1304.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1304.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1304","reference_id":"","reference_type":"","scores":[{"value":"0.06664","scoring_system":"epss","scoring_elements":"0.91427","published_at":"2026-06-11T12:55:00Z"},{"value":"0.06664","scoring_system":"epss","scoring_elements":"0.91458","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1304"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496255","reference_id":"496255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1304","reference_id":"CVE-2009-1304","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1304"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1304"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4a5-v1td-6khy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182535?format=json","vulnerability_id":"VCID-um8q-8ncs-abf6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1305","reference_id":"","reference_type":"","scores":[{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89608","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04708","scoring_system":"epss","scoring_elements":"0.89642","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496256","reference_id":"496256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305","reference_id":"CVE-2009-1305","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14","reference_id":"mfsa2009-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1305"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um8q-8ncs-abf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182554?format=json","vulnerability_id":"VCID-x5ca-xcvu-ufac","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1310.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1310","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75477","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75548","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1310"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496270","reference_id":"496270","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1310","reference_id":"CVE-2009-1310","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1310"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-20","reference_id":"mfsa2009-20","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1310"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ca-xcvu-ufac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182556?format=json","vulnerability_id":"VCID-xnnu-c5qn-r7f2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1312.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1312","reference_id":"","reference_type":"","scores":[{"value":"0.05662","scoring_system":"epss","scoring_elements":"0.90579","published_at":"2026-06-11T12:55:00Z"},{"value":"0.06504","scoring_system":"epss","scoring_elements":"0.91342","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1312"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496274","reference_id":"496274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1312","reference_id":"CVE-2009-1312","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1312"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32942.txt","reference_id":"CVE-2009-1312;OSVDB-53952","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32942.txt"},{"reference_url":"https://www.securityfocus.com/bid/34656/info","reference_id":"CVE-2009-1312;OSVDB-53952","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/34656/info"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-22","reference_id":"mfsa2009-22","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1312"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnnu-c5qn-r7f2"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.9-1%3Farch=el4"}