{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","type":"mozilla","namespace":"","name":"Firefox","version":"3.0.11","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.0.12","latest_non_vulnerable_version":"150.0.3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52671?format=json","vulnerability_id":"VCID-57n8-64qu-myak","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1837.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1837","reference_id":"","reference_type":"","scores":[{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84538","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84296","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84309","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84329","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84331","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84353","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84369","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84387","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84388","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.8439","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84425","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84429","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84449","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84475","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84491","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.8449","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02184","scoring_system":"epss","scoring_elements":"0.84507","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503579","reference_id":"503579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837","reference_id":"CVE-2009-1837","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-28","reference_id":"mfsa2009-28","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1837"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57n8-64qu-myak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52732?format=json","vulnerability_id":"VCID-9qwt-b4rw-1bgp","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1841","reference_id":"","reference_type":"","scores":[{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88881","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88732","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.8876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88777","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88782","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88789","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88803","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88801","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88814","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.8882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88828","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88845","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88857","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88853","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88864","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1841"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503583","reference_id":"503583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503583"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841","reference_id":"CVE-2009-1841","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-32","reference_id":"mfsa2009-32","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1841"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qwt-b4rw-1bgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52644?format=json","vulnerability_id":"VCID-k3ye-858q-x3ew","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1835","reference_id":"","reference_type":"","scores":[{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81589","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.8134","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81371","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81369","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81397","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81402","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81411","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81404","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81441","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81443","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81464","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81472","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81477","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81514","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81536","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81532","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.8155","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503576","reference_id":"503576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835","reference_id":"CVE-2009-1835","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-26","reference_id":"mfsa2009-26","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1835"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ye-858q-x3ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52722?format=json","vulnerability_id":"VCID-pgaf-4nfj-57df","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1840.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1840","reference_id":"","reference_type":"","scores":[{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80533","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80284","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80291","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80299","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80327","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80357","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80335","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80365","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80367","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80372","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80398","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80421","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80437","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80459","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80479","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80474","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80491","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1840"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503582","reference_id":"503582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1840","reference_id":"CVE-2009-1840","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1840"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-31","reference_id":"mfsa2009-31","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1840"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgaf-4nfj-57df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52629?format=json","vulnerability_id":"VCID-phpq-mxd3-zfe1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1834","reference_id":"","reference_type":"","scores":[{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93636","published_at":"2026-05-14T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93518","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93543","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93553","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93572","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93577","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93583","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93588","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93586","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93585","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93593","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93606","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93616","published_at":"2026-05-09T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93617","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11374","scoring_system":"epss","scoring_elements":"0.93624","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503573","reference_id":"503573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1834","reference_id":"CVE-2009-1834","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1834"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33039.txt","reference_id":"CVE-2009-1834;OSVDB-55162","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33039.txt"},{"reference_url":"https://www.securityfocus.com/bid/35388/info","reference_id":"CVE-2009-1834;OSVDB-55162","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35388/info"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-25","reference_id":"mfsa2009-25","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1834"],"risk_score":5.4,"exploitability":"2.0","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phpq-mxd3-zfe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52692?format=json","vulnerability_id":"VCID-r4x1-akj3-b3hr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838","reference_id":"","reference_type":"","scores":[{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8938","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89231","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89271","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89285","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89281","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89303","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89308","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89311","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8932","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89338","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89361","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580","reference_id":"503580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838","reference_id":"CVE-2009-1838","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29","reference_id":"mfsa2009-29","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1838"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4x1-akj3-b3hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52549?format=json","vulnerability_id":"VCID-y9uf-pn44-7qcj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392","reference_id":"","reference_type":"","scores":[{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94788","published_at":"2026-05-14T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94696","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9472","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94721","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94746","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94755","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9477","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94776","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568","reference_id":"503568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392","reference_id":"CVE-2009-1392","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24","reference_id":"mfsa2009-24","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1392"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y9uf-pn44-7qcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52703?format=json","vulnerability_id":"VCID-z3x8-v5u2-6yak","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1839.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1839","reference_id":"","reference_type":"","scores":[{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.9467","published_at":"2026-05-14T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94568","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94577","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94591","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94594","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94597","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94611","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94614","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94619","published_at":"2026-04-21T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.9462","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94621","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94628","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94636","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94645","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94651","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15161","scoring_system":"epss","scoring_elements":"0.94656","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1839"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503581","reference_id":"503581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1839","reference_id":"CVE-2009-1839","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1839"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/10544.html","reference_id":"CVE-2009-1839;OSVDB-55163","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/10544.html"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-30","reference_id":"mfsa2009-30","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86703?format=json","purl":"pkg:mozilla/Firefox@3.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}],"aliases":["CVE-2009-1839"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3x8-v5u2-6yak"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11"}