{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","type":"mozilla","namespace":"","name":"SeaMonkey","version":"1.1.17","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.1.18","latest_non_vulnerable_version":"2.38.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52659?format=json","vulnerability_id":"VCID-44gu-7x3j-hydk","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1836","reference_id":"","reference_type":"","scores":[{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83996","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83738","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83751","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83766","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83768","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83814","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83808","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83804","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83837","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83838","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83863","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83871","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83876","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83919","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83951","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83985","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1836"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503578","reference_id":"503578","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836","reference_id":"CVE-2009-1836","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1836"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-27","reference_id":"mfsa2009-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1836"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44gu-7x3j-hydk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52732?format=json","vulnerability_id":"VCID-9qwt-b4rw-1bgp","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1841","reference_id":"","reference_type":"","scores":[{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88892","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88732","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.8876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88777","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88782","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88789","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88803","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88801","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88814","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.8882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88828","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88845","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88857","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88853","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88864","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04241","scoring_system":"epss","scoring_elements":"0.88881","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1841"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503583","reference_id":"503583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503583"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841","reference_id":"CVE-2009-1841","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1841"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-32","reference_id":"mfsa2009-32","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1841"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qwt-b4rw-1bgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52516?format=json","vulnerability_id":"VCID-j3ev-79tv-6ybf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307","reference_id":"","reference_type":"","scores":[{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80429","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80198","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80227","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.8024","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80234","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80266","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.8027","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80296","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80302","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80319","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80334","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80356","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80368","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80384","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80425","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263","reference_id":"496263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307","reference_id":"CVE-2009-1307","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17","reference_id":"mfsa2009-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1307"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ev-79tv-6ybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52644?format=json","vulnerability_id":"VCID-k3ye-858q-x3ew","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1835","reference_id":"","reference_type":"","scores":[{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81592","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.8134","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81371","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81369","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81397","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81402","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81411","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81404","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81441","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81443","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81464","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81472","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81477","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81514","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81536","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81532","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.8155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01548","scoring_system":"epss","scoring_elements":"0.81589","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503576","reference_id":"503576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835","reference_id":"CVE-2009-1835","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1835"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-26","reference_id":"mfsa2009-26","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1835"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ye-858q-x3ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52692?format=json","vulnerability_id":"VCID-r4x1-akj3-b3hr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838","reference_id":"","reference_type":"","scores":[{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8939","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89231","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89251","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89271","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89285","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89281","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89303","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89308","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89311","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8932","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89338","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.89361","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04629","scoring_system":"epss","scoring_elements":"0.8938","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580","reference_id":"503580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838","reference_id":"CVE-2009-1838","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1838"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29","reference_id":"mfsa2009-29","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1838"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4x1-akj3-b3hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52535?format=json","vulnerability_id":"VCID-u3bz-getz-jub6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1311.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1311.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1311","reference_id":"","reference_type":"","scores":[{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78907","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78655","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78661","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78692","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78673","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78699","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78731","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78713","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78734","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78732","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78728","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78757","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78764","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78781","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78801","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.7884","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78837","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78855","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01175","scoring_system":"epss","scoring_elements":"0.78893","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1311"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496271","reference_id":"496271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311","reference_id":"CVE-2009-1311","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-21","reference_id":"mfsa2009-21","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0436","reference_id":"RHSA-2009:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0437","reference_id":"RHSA-2009:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0437"},{"reference_url":"https://usn.ubuntu.com/764-1/","reference_id":"USN-764-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/764-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1311"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3bz-getz-jub6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52549?format=json","vulnerability_id":"VCID-y9uf-pn44-7qcj","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392","reference_id":"","reference_type":"","scores":[{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94791","published_at":"2026-05-15T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94696","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9472","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94721","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94746","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94755","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.9477","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94776","published_at":"2026-05-12T12:55:00Z"},{"value":"0.15734","scoring_system":"epss","scoring_elements":"0.94788","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568","reference_id":"503568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392","reference_id":"CVE-2009-1392","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1392"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24","reference_id":"mfsa2009-24","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1095","reference_id":"RHSA-2009:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1096","reference_id":"RHSA-2009:1096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1125","reference_id":"RHSA-2009:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1126","reference_id":"RHSA-2009:1126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1126"},{"reference_url":"https://usn.ubuntu.com/779-1/","reference_id":"USN-779-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/779-1/"},{"reference_url":"https://usn.ubuntu.com/782-1/","reference_id":"USN-782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86704?format=json","purl":"pkg:mozilla/SeaMonkey@1.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}],"aliases":["CVE-2009-1392"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y9uf-pn44-7qcj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.17"}