{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","type":"mozilla","namespace":"","name":"Firefox","version":"3.0.15","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.0.16","latest_non_vulnerable_version":"150.0.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63614?format=json","vulnerability_id":"VCID-2jhf-j64s-gygy","summary":"Security researcher Alin Rad Pop of Secunia\nResearch reported a heap-based buffer overflow in Mozilla's string to\nfloating point number conversion routines.  Using this vulnerability\nan attacker could craft some malicious JavaScript code containing a\nvery long string to be converted to a floating point number which\nwould result in improper memory allocation and the execution of an\narbitrary memory location.  This vulnerability could thus be leveraged\nby the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used\nby Mozilla appears to be essentially the same as that reported against the\nlibc gdtoa routine by Maksymilian Arciemowicz.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689","reference_id":"","reference_type":"","scores":[{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784","reference_id":"539784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689","reference_id":"CVE-2009-0689","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt","reference_id":"CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt"},{"reference_url":"https://www.securityfocus.com/bid/37078/info","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37078/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt"},{"reference_url":"https://www.securityfocus.com/bid/37080/info","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37080/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt"},{"reference_url":"https://www.securityfocus.com/bid/36851/info","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36851/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt","reference_id":"CVE-2009-0689;OSVDB-62402","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c"},{"reference_url":"https://www.securityfocus.com/bid/35510/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35510/info"},{"reference_url":"https://www.securityfocus.com/bid/37687/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37687/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt"},{"reference_url":"https://www.securityfocus.com/bid/37688/info","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37688/info"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59","reference_id":"mfsa2009-59","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl","reference_id":"OSVDB-61189;CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1601","reference_id":"RHSA-2009:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0311","reference_id":"RHSA-2014:0311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0312","reference_id":"RHSA-2014:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0312"},{"reference_url":"https://usn.ubuntu.com/871-1/","reference_id":"USN-871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/871-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-0689"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53001?format=json","vulnerability_id":"VCID-4vaj-81k4-n3a6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3374.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3374.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3374","reference_id":"","reference_type":"","scores":[{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75547","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75404","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75407","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75439","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75419","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75462","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75472","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.7547","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75533","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75537","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3374"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530157","reference_id":"530157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374","reference_id":"CVE-2009-3374","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-57","reference_id":"mfsa2009-57","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3374"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vaj-81k4-n3a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52993?format=json","vulnerability_id":"VCID-58z4-jhs8-kyay","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3372.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3372","reference_id":"","reference_type":"","scores":[{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82745","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.8258","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82611","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.8264","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82652","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82647","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82685","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82688","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.8271","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0177","scoring_system":"epss","scoring_elements":"0.82726","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530155","reference_id":"530155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372","reference_id":"CVE-2009-3372","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-55","reference_id":"mfsa2009-55","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-55"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3372"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-58z4-jhs8-kyay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53005?format=json","vulnerability_id":"VCID-5bdt-dd2k-c7gq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3376.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3376","reference_id":"","reference_type":"","scores":[{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86685","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.8661","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.8662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86634","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86638","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86644","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86655","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86663","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3376"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530168","reference_id":"530168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376","reference_id":"CVE-2009-3376","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62","reference_id":"mfsa2009-62","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3376"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bdt-dd2k-c7gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53002?format=json","vulnerability_id":"VCID-aw3w-yap1-u7cx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3375.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3375","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64225","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64102","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64186","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64196","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64226","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64215","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64221","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64233","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64242","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64254","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3375"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530167","reference_id":"530167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375","reference_id":"CVE-2009-3375","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-61","reference_id":"mfsa2009-61","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-61"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3375"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aw3w-yap1-u7cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52991?format=json","vulnerability_id":"VCID-b76x-3z8j-4fa9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3274.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3274","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33501","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34106","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34149","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34178","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34111","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.341","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33727","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33619","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=524815","reference_id":"524815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=524815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274","reference_id":"CVE-2009-3274","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-53","reference_id":"mfsa2009-53","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-53"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3274"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b76x-3z8j-4fa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52997?format=json","vulnerability_id":"VCID-h68j-ht6w-jqbm","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3373.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3373.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3373","reference_id":"","reference_type":"","scores":[{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.9369","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93616","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93645","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93647","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93651","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93652","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.9367","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93677","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.9368","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93685","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93684","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11615","scoring_system":"epss","scoring_elements":"0.93682","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3373"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530156","reference_id":"530156","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373","reference_id":"CVE-2009-3373","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33313.txt","reference_id":"CVE-2009-3373;OSVDB-59393","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33313.txt"},{"reference_url":"https://www.securityfocus.com/bid/36855/info","reference_id":"CVE-2009-3373;OSVDB-59393","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36855/info"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-56","reference_id":"mfsa2009-56","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3373"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h68j-ht6w-jqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63615?format=json","vulnerability_id":"VCID-nx8g-hhbk-yyep","summary":"Mozilla upgraded several third party libraries used in media\nrendering to address multiple memory safety and stability bugs\nidentified by members of the Mozilla community.  Some of the bugs\ndiscovered could potentially be used by an attacker to crash a\nvictim's browser and execute arbitrary code on their\ncomputer.  liboggz, libvorbis,\nand liboggplay were all upgraded to address these\nissues.Audio and video capabilities were added in Firefox 3.5\nso prior releases of Firefox were not affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3370.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3370","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68211","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68231","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68125","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68169","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.6818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68185","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68222","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3370"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530151","reference_id":"530151","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530151"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370","reference_id":"CVE-2009-3370","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-52","reference_id":"mfsa2009-52","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63","reference_id":"mfsa2009-63","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3370"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nx8g-hhbk-yyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53019?format=json","vulnerability_id":"VCID-yn4z-ymst-1bew","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3380.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3380","reference_id":"","reference_type":"","scores":[{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87893","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87817","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.8782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87842","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87849","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.8786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87865","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87878","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87884","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87882","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3380"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530567","reference_id":"530567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380","reference_id":"CVE-2009-3380","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-64","reference_id":"mfsa2009-64","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-64"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"aliases":["CVE-2009-3380"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yn4z-ymst-1bew"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"}