{"url":"http://public2.vulnerablecode.io/api/packages/128673?format=json","purl":"pkg:rpm/redhat/libpng@2:1.2.7-3.el4_7?arch=2","type":"rpm","namespace":"redhat","name":"libpng","version":"2:1.2.7-3.el4_7","qualifiers":{"arch":"2"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34285?format=json","vulnerability_id":"VCID-pw1x-gvns-bbcx","summary":"Multiple vulnerabilities have been found in VMware Player, Server,\n    and Workstation, allowing remote and local attackers to conduct several\n    attacks, including privilege escalation, remote execution of arbitrary\n    code, and a Denial of Service.","references":[{"reference_url":"ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt"},{"reference_url":"http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt","reference_id":"","reference_type":"","scores":[],"url":"http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html"},{"reference_url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0040.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0040.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0040","reference_id":"","reference_type":"","scores":[{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92321","published_at":"2026-05-15T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92209","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92295","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92314","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92225","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92235","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92239","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92245","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92246","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92254","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92255","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.9226","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92261","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92256","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92267","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92276","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92285","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08276","scoring_system":"epss","scoring_elements":"0.92288","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0040"},{"reference_url":"http://secunia.com/advisories/33970","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33970"},{"reference_url":"http://secunia.com/advisories/33976","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33976"},{"reference_url":"http://secunia.com/advisories/34137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34137"},{"reference_url":"http://secunia.com/advisories/34140","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34140"},{"reference_url":"http://secunia.com/advisories/34143","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34143"},{"reference_url":"http://secunia.com/advisories/34145","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34145"},{"reference_url":"http://secunia.com/advisories/34152","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34152"},{"reference_url":"http://secunia.com/advisories/34210","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34210"},{"reference_url":"http://secunia.com/advisories/34265","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34265"},{"reference_url":"http://secunia.com/advisories/34272","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34272"},{"reference_url":"http://secunia.com/advisories/34320","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34320"},{"reference_url":"http://secunia.com/advisories/34324","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34324"},{"reference_url":"http://secunia.com/advisories/34388","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34388"},{"reference_url":"http://secunia.com/advisories/34462","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34462"},{"reference_url":"http://secunia.com/advisories/34464","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34464"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35258","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35258"},{"reference_url":"http://secunia.com/advisories/35302","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35302"},{"reference_url":"http://secunia.com/advisories/35379","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35379"},{"reference_url":"http://secunia.com/advisories/35386","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35386"},{"reference_url":"http://secunia.com/advisories/36096","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36096"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200903-28.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200903-28.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-25.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-25.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48819","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48819"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952"},{"reference_url":"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com"},{"reference_url":"http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441","reference_id":"","reference_type":"","scores":[],"url":"http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.apple.com/kb/HT3613","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3613"},{"reference_url":"http://support.apple.com/kb/HT3639","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3639"},{"reference_url":"http://support.apple.com/kb/HT3757","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3757"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"},{"reference_url":"http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0046","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0046"},{"reference_url":"http://www.debian.org/security/2009/dsa-1750","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2009/dsa-1750"},{"reference_url":"http://www.debian.org/security/2009/dsa-1830","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2009/dsa-1830"},{"reference_url":"http://www.kb.cert.org/vuls/id/649212","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/649212"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:051","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:051"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:075","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:075"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:083","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:083"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0315.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0315.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0325.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0325.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0333.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0333.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0340.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0340.html"},{"reference_url":"http://www.securityfocus.com/archive/1/501767/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/501767/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/503912/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/503912/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/33827","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33827"},{"reference_url":"http://www.securityfocus.com/bid/33990","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33990"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-218A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-218A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2009-0007.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2009-0007.html"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0469","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0469"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0473","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0473"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0632","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0632"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1451","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1451"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1462","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1462"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1522","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1522"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1560","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1560"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1621","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1621"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2172","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/2172"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=486355","reference_id":"486355","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=486355"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040","reference_id":"CVE-2009-0040","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0040","reference_id":"CVE-2009-0040","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0040"},{"reference_url":"https://security.gentoo.org/glsa/200903-28","reference_id":"GLSA-200903-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-28"},{"reference_url":"https://security.gentoo.org/glsa/201209-25","reference_id":"GLSA-201209-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-25"},{"reference_url":"https://security.gentoo.org/glsa/201412-08","reference_id":"GLSA-201412-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-10","reference_id":"mfsa2009-10","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0315","reference_id":"RHSA-2009:0315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0325","reference_id":"RHSA-2009:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0333","reference_id":"RHSA-2009:0333","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0333"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0340","reference_id":"RHSA-2009:0340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0340"},{"reference_url":"https://usn.ubuntu.com/728-1/","reference_id":"USN-728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/728-1/"},{"reference_url":"https://usn.ubuntu.com/730-1/","reference_id":"USN-730-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/730-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0040"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pw1x-gvns-bbcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38684?format=json","vulnerability_id":"VCID-zv3m-jw5c-6ubn","summary":"POV-Ray includes a version of libpng that might allow for the execution of\n    arbitrary code when reading a specially crafted PNG file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1382.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1382","reference_id":"","reference_type":"","scores":[{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90929","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90954","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90965","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90971","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.9098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.90981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91005","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91004","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91017","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91014","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91043","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91057","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91055","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91064","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.91074","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0633","scoring_system":"epss","scoring_elements":"0.9108","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1382"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=441839","reference_id":"441839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=441839"},{"reference_url":"https://security.gentoo.org/glsa/200804-15","reference_id":"GLSA-200804-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-15"},{"reference_url":"https://security.gentoo.org/glsa/200805-10","reference_id":"GLSA-200805-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200805-10"},{"reference_url":"https://security.gentoo.org/glsa/200812-15","reference_id":"GLSA-200812-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-15"},{"reference_url":"https://security.gentoo.org/glsa/201412-08","reference_id":"GLSA-201412-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0333","reference_id":"RHSA-2009:0333","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0333"},{"reference_url":"https://usn.ubuntu.com/730-1/","reference_id":"USN-730-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/730-1/"}],"fixed_packages":[],"aliases":["CVE-2008-1382"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zv3m-jw5c-6ubn"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libpng@2:1.2.7-3.el4_7%3Farch=2"}