{"url":"http://public2.vulnerablecode.io/api/packages/351?format=json","purl":"pkg:generic/postgresql@8.2.15","type":"generic","namespace":"","name":"postgresql","version":"8.2.15","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.2.17","latest_non_vulnerable_version":"18.2.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3577?format=json","vulnerability_id":"VCID-c8ch-zd9x-kufn","summary":"NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034","reference_id":"","reference_type":"","scores":[{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.7811","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78148","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88203","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88205","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88219","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88218","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88236","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88241","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88256","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88272","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88284","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034"},{"reference_url":"https://www.postgresql.org/support/security/CVE-2009-4034/","reference_id":"","reference_type":"","scores":[],"url":"https://www.postgresql.org/support/security/CVE-2009-4034/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662","reference_id":"547662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662"},{"reference_url":"https://security.gentoo.org/glsa/201110-22","reference_id":"GLSA-201110-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-22"},{"reference_url":"https://usn.ubuntu.com/876-1/","reference_id":"USN-876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354?format=json","purl":"pkg:generic/postgresql@7.4.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.27"},{"url":"http://public2.vulnerablecode.io/api/packages/353?format=json","purl":"pkg:generic/postgresql@8.0.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/352?format=json","purl":"pkg:generic/postgresql@8.1.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/351?format=json","purl":"pkg:generic/postgresql@8.2.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/350?format=json","purl":"pkg:generic/postgresql@8.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/349?format=json","purl":"pkg:generic/postgresql@8.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.2"}],"aliases":["CVE-2009-4034"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8ch-zd9x-kufn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3576?format=json","vulnerability_id":"VCID-u5h4-4p6j-wbay","summary":"Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).more details","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4136.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4136.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4136","reference_id":"","reference_type":"","scores":[{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81393","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81425","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.8153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81558","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81564","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81571","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81601","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81603","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81629","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81637","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81642","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81657","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81679","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81703","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4136"},{"reference_url":"https://www.postgresql.org/support/security/CVE-2009-4136/","reference_id":"","reference_type":"","scores":[],"url":"https://www.postgresql.org/support/security/CVE-2009-4136/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=546321","reference_id":"546321","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=546321"},{"reference_url":"https://security.gentoo.org/glsa/201110-22","reference_id":"GLSA-201110-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0427","reference_id":"RHSA-2010:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0428","reference_id":"RHSA-2010:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0429","reference_id":"RHSA-2010:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0429"},{"reference_url":"https://usn.ubuntu.com/876-1/","reference_id":"USN-876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354?format=json","purl":"pkg:generic/postgresql@7.4.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.27"},{"url":"http://public2.vulnerablecode.io/api/packages/353?format=json","purl":"pkg:generic/postgresql@8.0.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/352?format=json","purl":"pkg:generic/postgresql@8.1.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/351?format=json","purl":"pkg:generic/postgresql@8.2.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/350?format=json","purl":"pkg:generic/postgresql@8.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/349?format=json","purl":"pkg:generic/postgresql@8.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.2"}],"aliases":["CVE-2009-4136"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u5h4-4p6j-wbay"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"}