Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/128327?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/128327?format=api", "purl": "pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.15-1jpp.1?arch=el4", "type": "rpm", "namespace": "redhat", "name": "java-1.6.0-sun", "version": "1:1.6.0.15-1jpp.1", "qualifiers": { "arch": "el4" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50706?format=api", "vulnerability_id": "VCID-1c8j-4sxr-sqen", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2672.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2672.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.9432", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94339", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.9434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94349", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94354", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94357", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94358", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94359", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14114", "scoring_system": "epss", "scoring_elements": "0.94375", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2672" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907", "reference_id": "512907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2672" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1c8j-4sxr-sqen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50710?format=api", "vulnerability_id": "VCID-1kst-h6d9-tubd", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2674.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88344", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88367", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88397", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88407", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88399", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0398", "scoring_system": "epss", "scoring_elements": "0.88414", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915", "reference_id": "512915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2674" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1kst-h6d9-tubd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4799?format=api", "vulnerability_id": "VCID-2gpd-vwgb-67cn", "summary": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=125787273209737&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=125787273209737&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-1537.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1537.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01246", "scoring_system": "epss", "scoring_elements": "0.79326", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81422", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81432", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81479", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01562", "scoring_system": "epss", "scoring_elements": "0.81506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01746", "scoring_system": "epss", "scoring_elements": "0.82541", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01746", "scoring_system": "epss", "scoring_elements": "0.82536", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2625" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625" }, { "reference_url": "http://secunia.com/advisories/36162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/36162" }, { "reference_url": "http://secunia.com/advisories/36176", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/36176" }, { "reference_url": "http://secunia.com/advisories/36180", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/36180" }, { "reference_url": "http://secunia.com/advisories/36199", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/36199" }, { "reference_url": "http://secunia.com/advisories/37300", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37300" }, { "reference_url": "http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37460" }, { "reference_url": "http://secunia.com/advisories/37671", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37671" }, { "reference_url": "http://secunia.com/advisories/37754", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37754" }, { "reference_url": "http://secunia.com/advisories/38231", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/38231" }, { "reference_url": "http://secunia.com/advisories/38342", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/38342" }, { "reference_url": "http://secunia.com/advisories/43300", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/43300" }, { "reference_url": "http://secunia.com/advisories/50549", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/50549" }, { "reference_url": "https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026" }, { "reference_url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1636.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1637.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1649.html" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html" }, { "reference_url": "https://snyk.io/vuln/SNYK-JAVA-XERCES-32014", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JAVA-XERCES-32014" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1" }, { "reference_url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "reference_url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html" }, { "reference_url": "http://www.codenomicon.com/labs/xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.codenomicon.com/labs/xml" }, { "reference_url": "http://www.codenomicon.com/labs/xml/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.codenomicon.com/labs/xml/" }, { "reference_url": "http://www.debian.org/security/2010/dsa-1984", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-1984" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:108", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:108" }, { "reference_url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/09/06/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/09/06/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/10/22/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/10/22/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/10/23/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/10/23/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/10/26/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/10/26/3" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2009-1615.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1615.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0858.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0858.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/35958", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/35958" }, { "reference_url": "http://www.securitytracker.com/id?1022680", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id?1022680" }, { "reference_url": "http://www.ubuntu.com/usn/USN-890-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-890-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/2543", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3316", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/3316" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0359", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2011/0359" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548358", "reference_id": "548358", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548358" }, { "reference_url": "https://bugzilla.redhat.com/CVE-2009-2625", "reference_id": "CVE-2009-2625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/CVE-2009-2625" }, { "reference_url": "https://github.com/advisories/GHSA-334p-wv2m-w3vp", "reference_id": "GHSA-334p-wv2m-w3vp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-334p-wv2m-w3vp" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1505", "reference_id": "RHSA-2009:1505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1551", "reference_id": "RHSA-2009:1551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1615", "reference_id": "RHSA-2009:1615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1636", "reference_id": "RHSA-2009:1636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1637", "reference_id": "RHSA-2009:1637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1649", "reference_id": "RHSA-2009:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1650", "reference_id": "RHSA-2009:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0858", "reference_id": "RHSA-2011:0858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0725", "reference_id": "RHSA-2012:0725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1232", "reference_id": "RHSA-2012:1232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1537", "reference_id": "RHSA-2012:1537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0763", "reference_id": "RHSA-2013:0763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0763" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2625", "GHSA-334p-wv2m-w3vp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gpd-vwgb-67cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50724?format=api", "vulnerability_id": "VCID-2k56-hznp-9kgx", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2718.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67042", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67079", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67127", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67139", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67158", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67145", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67114", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67147", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2718" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516815", "reference_id": "516815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516815" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2718" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2k56-hznp-9kgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50713?format=api", "vulnerability_id": "VCID-52v7-ahwt-n7bj", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2675.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2675.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91297", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91301", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91331", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91344", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91346", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06835", "scoring_system": "epss", "scoring_elements": "0.91371", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2675" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920", "reference_id": "512920", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2675" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-52v7-ahwt-n7bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50725?format=api", "vulnerability_id": "VCID-dmsh-5f5y-kugu", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2719.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70565", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70673", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516820", "reference_id": "516820", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516820" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2719" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmsh-5f5y-kugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50728?format=api", "vulnerability_id": "VCID-dwzr-6mms-gufq", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2720.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70565", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70673", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516823", "reference_id": "516823", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516823" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2720" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwzr-6mms-gufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50722?format=api", "vulnerability_id": "VCID-ebfs-tnbj-83gy", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2716.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2716.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53453", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5347", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53522", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53518", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53568", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5355", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53533", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2716" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516812", "reference_id": "516812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516812" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2716" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebfs-tnbj-83gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50707?format=api", "vulnerability_id": "VCID-jgc1-svry-fufd", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2673.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2673.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93554", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93557", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93563", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93562", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11393", "scoring_system": "epss", "scoring_elements": "0.93582", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2673" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914", "reference_id": "512914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2673" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgc1-svry-fufd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50719?format=api", "vulnerability_id": "VCID-kh2a-vqze-rfcw", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2690.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88909", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88936", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88954", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88959", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88965", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88964", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04366", "scoring_system": "epss", "scoring_elements": "0.88977", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2690" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223", "reference_id": "513223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2690" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kh2a-vqze-rfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50697?format=api", "vulnerability_id": "VCID-u26k-fk31-wbfc", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2475.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2475.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71919", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71926", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71973", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71998", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71981", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.71965", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72006", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2475" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215", "reference_id": "513215", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2475" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u26k-fk31-wbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50700?format=api", "vulnerability_id": "VCID-xt9m-tfuj-6uht", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2670.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87809", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.8782", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87831", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87856", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87873", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.87866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.8788", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896", "reference_id": "512896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2670" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xt9m-tfuj-6uht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50702?format=api", "vulnerability_id": "VCID-ypf2-kcj7-hfh5", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2671.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2671.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91205", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.9121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91225", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91245", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91252", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91255", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91254", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0671", "scoring_system": "epss", "scoring_elements": "0.91279", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2671" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907", "reference_id": "512907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1236", "reference_id": "RHSA-2009:1236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2671" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypf2-kcj7-hfh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6667?format=api", "vulnerability_id": "VCID-z7ht-bq8z-3qgd", "summary": "XML signature HMAC truncation authentication bypass\nThis package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83557", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83556", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83541", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83605", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.8359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84495", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "reference_url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "reference_url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "reference_url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "reference_url": "https://svn.apache.org/viewvc?revision=794013&view=revision", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?revision=794013&view=revision" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=794013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=794013" }, { "reference_url": "https://www.debian.org/security/2010/dsa-1995", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2010/dsa-1995" }, { "reference_url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "reference_url": "https://www.kb.cert.org/vuls/id/466161", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/466161" }, { "reference_url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "reference_url": "https://www.kb.cert.org/vuls/id/WDON-7TY529", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "reference_url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "reference_url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "reference_url": "https://www.ubuntu.com/usn/USN-903-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ubuntu.com/usn/USN-903-1" }, { "reference_url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "reference_url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "reference_url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "reference_url": "https://bugzilla.redhat.com/CVE-2009-0217", "reference_id": "CVE-2009-0217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/CVE-2009-0217" }, { "reference_url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5", "reference_id": "GHSA-8hfm-837h-hjg5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1428", "reference_id": "RHSA-2009:1428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1636", "reference_id": "RHSA-2009:1636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1637", "reference_id": "RHSA-2009:1637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1649", "reference_id": "RHSA-2009:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1650", "reference_id": "RHSA-2009:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" }, { "reference_url": "https://usn.ubuntu.com/826-1/", "reference_id": "USN-826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/826-1/" }, { "reference_url": "https://usn.ubuntu.com/903-1/", "reference_id": "USN-903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/903-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0217", "GHSA-8hfm-837h-hjg5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7ht-bq8z-3qgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50716?format=api", "vulnerability_id": "VCID-zd4q-75kh-zbfb", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2676.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2676.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.9435", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94359", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.9437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.9438", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94388", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14224", "scoring_system": "epss", "scoring_elements": "0.94404", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2676" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890", "reference_id": "515890", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1199", "reference_id": "RHSA-2009:1199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1582", "reference_id": "RHSA-2009:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1662", "reference_id": "RHSA-2009:1662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2676" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zd4q-75kh-zbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50698?format=api", "vulnerability_id": "VCID-zy35-gkjy-tbfw", "summary": "Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks,\n including the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2476.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82325", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82339", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82357", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82352", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.8238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82387", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82406", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82402", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82431", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2476" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220", "reference_id": "513220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "reference_url": "https://security.gentoo.org/glsa/200911-02", "reference_id": "GLSA-200911-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200911-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2476" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zy35-gkjy-tbfw" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.6.0-sun@1:1.6.0.15-1jpp.1%3Farch=el4" }