{"url":"http://public2.vulnerablecode.io/api/packages/87429?format=json","purl":"pkg:generic/postgresql@8.1.19","type":"generic","namespace":"","name":"postgresql","version":"8.1.19","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.1.21","latest_non_vulnerable_version":"18.4.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58275?format=json","vulnerability_id":"VCID-r24r-d4vw-dqgg","summary":"Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).more details","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4136.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4136.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4136","reference_id":"","reference_type":"","scores":[{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81904","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81938","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.8194","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81932","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81947","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4136"},{"reference_url":"https://www.postgresql.org/support/security/CVE-2009-4136/","reference_id":"","reference_type":"","scores":[],"url":"https://www.postgresql.org/support/security/CVE-2009-4136/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=546321","reference_id":"546321","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=546321"},{"reference_url":"https://security.gentoo.org/glsa/201110-22","reference_id":"GLSA-201110-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0427","reference_id":"RHSA-2010:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0428","reference_id":"RHSA-2010:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0429","reference_id":"RHSA-2010:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0429"},{"reference_url":"https://usn.ubuntu.com/876-1/","reference_id":"USN-876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/87431?format=json","purl":"pkg:generic/postgresql@7.4.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.27"},{"url":"http://public2.vulnerablecode.io/api/packages/87430?format=json","purl":"pkg:generic/postgresql@8.0.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/87429?format=json","purl":"pkg:generic/postgresql@8.1.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/87428?format=json","purl":"pkg:generic/postgresql@8.2.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/87427?format=json","purl":"pkg:generic/postgresql@8.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/87426?format=json","purl":"pkg:generic/postgresql@8.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.2"}],"aliases":["CVE-2009-4136"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r24r-d4vw-dqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58276?format=json","vulnerability_id":"VCID-sxcq-kcrg-yudj","summary":"NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034","reference_id":"","reference_type":"","scores":[{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88415","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88434","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88436","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.8845","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034"},{"reference_url":"https://www.postgresql.org/support/security/CVE-2009-4034/","reference_id":"","reference_type":"","scores":[],"url":"https://www.postgresql.org/support/security/CVE-2009-4034/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662","reference_id":"547662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662"},{"reference_url":"https://security.gentoo.org/glsa/201110-22","reference_id":"GLSA-201110-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-22"},{"reference_url":"https://usn.ubuntu.com/876-1/","reference_id":"USN-876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/87431?format=json","purl":"pkg:generic/postgresql@7.4.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.27"},{"url":"http://public2.vulnerablecode.io/api/packages/87430?format=json","purl":"pkg:generic/postgresql@8.0.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/87429?format=json","purl":"pkg:generic/postgresql@8.1.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/87428?format=json","purl":"pkg:generic/postgresql@8.2.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/87427?format=json","purl":"pkg:generic/postgresql@8.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/87426?format=json","purl":"pkg:generic/postgresql@8.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.2"}],"aliases":["CVE-2009-4034"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sxcq-kcrg-yudj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"}