{"url":"http://public2.vulnerablecode.io/api/packages/86705?format=json","purl":"pkg:mozilla/Firefox@3.5.3","type":"mozilla","namespace":"","name":"Firefox","version":"3.5.3","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.5.4","latest_non_vulnerable_version":"150.0.2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52982?format=json","vulnerability_id":"VCID-1n9c-e6em-kbb6","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3077.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3077.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3077","reference_id":"","reference_type":"","scores":[{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90219","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90124","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90127","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90139","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90159","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90167","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90185","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90181","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90196","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90195","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0543","scoring_system":"epss","scoring_elements":"0.90204","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3077"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521693","reference_id":"521693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077","reference_id":"CVE-2009-3077","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49","reference_id":"mfsa2009-49","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1430","reference_id":"RHSA-2009:1430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1431","reference_id":"RHSA-2009:1431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1432","reference_id":"RHSA-2009:1432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/821-1/","reference_id":"USN-821-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/821-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86706?format=json","purl":"pkg:mozilla/Firefox@3.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/86705?format=json","purl":"pkg:mozilla/Firefox@3.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.3"}],"aliases":["CVE-2009-3077"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1n9c-e6em-kbb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52948?format=json","vulnerability_id":"VCID-neve-xgyz-47hb","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3069.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3069.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3069","reference_id":"","reference_type":"","scores":[{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.90024","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.8993","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89949","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89965","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89971","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89979","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89977","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.8997","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89985","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89986","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89982","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89999","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89998","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.90009","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3069"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521684","reference_id":"521684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3069","reference_id":"CVE-2009-3069","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3069"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-47","reference_id":"mfsa2009-47","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86706?format=json","purl":"pkg:mozilla/Firefox@3.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/86705?format=json","purl":"pkg:mozilla/Firefox@3.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.3"}],"aliases":["CVE-2009-3069"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-neve-xgyz-47hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52989?format=json","vulnerability_id":"VCID-q4zw-qbrc-p3bf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3079.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3079","reference_id":"","reference_type":"","scores":[{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81301","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81133","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81141","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81163","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81217","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81195","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81233","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81234","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81255","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81262","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81268","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0151","scoring_system":"epss","scoring_elements":"0.81283","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521695","reference_id":"521695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3079","reference_id":"CVE-2009-3079","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3079"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-51","reference_id":"mfsa2009-51","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-51"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1430","reference_id":"RHSA-2009:1430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1430"},{"reference_url":"https://usn.ubuntu.com/821-1/","reference_id":"USN-821-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/821-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86706?format=json","purl":"pkg:mozilla/Firefox@3.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/86705?format=json","purl":"pkg:mozilla/Firefox@3.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.3"}],"aliases":["CVE-2009-3079"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4zw-qbrc-p3bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52985?format=json","vulnerability_id":"VCID-x2fp-9shs-2ucs","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3078.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3078.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3078","reference_id":"","reference_type":"","scores":[{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82533","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82344","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82359","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82376","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82371","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82399","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82422","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82416","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82453","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82479","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82489","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01724","scoring_system":"epss","scoring_elements":"0.82512","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3078"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521694","reference_id":"521694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3078","reference_id":"CVE-2009-3078","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3078"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-50","reference_id":"mfsa2009-50","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1430","reference_id":"RHSA-2009:1430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1430"},{"reference_url":"https://usn.ubuntu.com/821-1/","reference_id":"USN-821-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/821-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86706?format=json","purl":"pkg:mozilla/Firefox@3.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/86705?format=json","purl":"pkg:mozilla/Firefox@3.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.3"}],"aliases":["CVE-2009-3078"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2fp-9shs-2ucs"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.3"}