{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3577?format=json","vulnerability_id":"VCID-c8ch-zd9x-kufn","summary":"NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details","aliases":[{"alias":"CVE-2009-4034"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85361?format=json","purl":"pkg:ebuild/dev-db/postgresql-base@8.3.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-base@8.3.18"},{"url":"http://public2.vulnerablecode.io/api/packages/85362?format=json","purl":"pkg:ebuild/dev-db/postgresql-base@8.4.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-base@8.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/85363?format=json","purl":"pkg:ebuild/dev-db/postgresql-base@9.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-base@9.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/85357?format=json","purl":"pkg:ebuild/dev-db/postgresql-server@8.3.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-server@8.3.18"},{"url":"http://public2.vulnerablecode.io/api/packages/85358?format=json","purl":"pkg:ebuild/dev-db/postgresql-server@8.4.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-server@8.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/85359?format=json","purl":"pkg:ebuild/dev-db/postgresql-server@9.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-server@9.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/354?format=json","purl":"pkg:generic/postgresql@7.4.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.27"},{"url":"http://public2.vulnerablecode.io/api/packages/353?format=json","purl":"pkg:generic/postgresql@8.0.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/352?format=json","purl":"pkg:generic/postgresql@8.1.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.19"},{"url":"http://public2.vulnerablecode.io/api/packages/351?format=json","purl":"pkg:generic/postgresql@8.2.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/350?format=json","purl":"pkg:generic/postgresql@8.3.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/349?format=json","purl":"pkg:generic/postgresql@8.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85355?format=json","purl":"pkg:ebuild/dev-db/postgresql@9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6dmy-t1qp-nuf3"},{"vulnerability":"VCID-6vh2-2sja-xba9"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7ev2-5qge-uubs"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-sxmd-5tzu-hkav"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-xzhq-u9n2-c3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql@9"},{"url":"http://public2.vulnerablecode.io/api/packages/85360?format=json","purl":"pkg:ebuild/dev-db/postgresql-base@9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6dmy-t1qp-nuf3"},{"vulnerability":"VCID-6vh2-2sja-xba9"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7ev2-5qge-uubs"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-sxmd-5tzu-hkav"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-xzhq-u9n2-c3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-base@9"},{"url":"http://public2.vulnerablecode.io/api/packages/85356?format=json","purl":"pkg:ebuild/dev-db/postgresql-server@9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6dmy-t1qp-nuf3"},{"vulnerability":"VCID-6vh2-2sja-xba9"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7ev2-5qge-uubs"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-sxmd-5tzu-hkav"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-xzhq-u9n2-c3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/postgresql-server@9"},{"url":"http://public2.vulnerablecode.io/api/packages/330?format=json","purl":"pkg:generic/postgresql@7.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-4tyx-g9kz-y3fq"},{"vulnerability":"VCID-5zj2-a3y7-zueh"},{"vulnerability":"VCID-6ppw-nxh2-2bfs"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-8753-jd2h-8yhw"},{"vulnerability":"VCID-8z74-udgw-kue3"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-dema-khb4-d7c3"},{"vulnerability":"VCID-dwxv-7v5k-pbgt"},{"vulnerability":"VCID-f89t-37f7-hbau"},{"vulnerability":"VCID-g5yd-z8gh-pbc4"},{"vulnerability":"VCID-h86x-6j3b-eqfh"},{"vulnerability":"VCID-hase-39jj-6khk"},{"vulnerability":"VCID-jeef-j758-s3a4"},{"vulnerability":"VCID-nj9p-fdc9-m7fu"},{"vulnerability":"VCID-qw91-9hzj-2bbd"},{"vulnerability":"VCID-s1hd-1asy-q3dd"},{"vulnerability":"VCID-swbt-7zch-sbcp"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-wesb-d296-4ba8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/331?format=json","purl":"pkg:generic/postgresql@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-4tyx-g9kz-y3fq"},{"vulnerability":"VCID-5zj2-a3y7-zueh"},{"vulnerability":"VCID-6ppw-nxh2-2bfs"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-8753-jd2h-8yhw"},{"vulnerability":"VCID-8z74-udgw-kue3"},{"vulnerability":"VCID-978k-4cn7-bfbz"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-dema-khb4-d7c3"},{"vulnerability":"VCID-f89t-37f7-hbau"},{"vulnerability":"VCID-g5yd-z8gh-pbc4"},{"vulnerability":"VCID-h86x-6j3b-eqfh"},{"vulnerability":"VCID-hase-39jj-6khk"},{"vulnerability":"VCID-jeef-j758-s3a4"},{"vulnerability":"VCID-nj9p-fdc9-m7fu"},{"vulnerability":"VCID-qw91-9hzj-2bbd"},{"vulnerability":"VCID-s1hd-1asy-q3dd"},{"vulnerability":"VCID-swbt-7zch-sbcp"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-wesb-d296-4ba8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/332?format=json","purl":"pkg:generic/postgresql@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-4tyx-g9kz-y3fq"},{"vulnerability":"VCID-5zj2-a3y7-zueh"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-8z74-udgw-kue3"},{"vulnerability":"VCID-978k-4cn7-bfbz"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-cnye-56z6-qqd6"},{"vulnerability":"VCID-dema-khb4-d7c3"},{"vulnerability":"VCID-f89t-37f7-hbau"},{"vulnerability":"VCID-g5yd-z8gh-pbc4"},{"vulnerability":"VCID-h86x-6j3b-eqfh"},{"vulnerability":"VCID-mr2t-k7zs-7fad"},{"vulnerability":"VCID-nj9p-fdc9-m7fu"},{"vulnerability":"VCID-pqq7-pp4n-fqgp"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/333?format=json","purl":"pkg:generic/postgresql@8.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-5zj2-a3y7-zueh"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6dmy-t1qp-nuf3"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-978k-4cn7-bfbz"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-f89t-37f7-hbau"},{"vulnerability":"VCID-g5yd-z8gh-pbc4"},{"vulnerability":"VCID-h86x-6j3b-eqfh"},{"vulnerability":"VCID-nj9p-fdc9-m7fu"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/334?format=json","purl":"pkg:generic/postgresql@8.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qsp-wvwq-j3f5"},{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-2nve-471m-17h6"},{"vulnerability":"VCID-35a3-5eq3-8bep"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6dmy-t1qp-nuf3"},{"vulnerability":"VCID-6mck-xykx-yuba"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7jb6-q4x1-cfbw"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-811b-x31n-tfch"},{"vulnerability":"VCID-bdq4-br3j-7kb8"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-quqr-bg9k-7yb5"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-v69z-cmag-xfaf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/335?format=json","purl":"pkg:generic/postgresql@8.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1uzm-h9m3-akge"},{"vulnerability":"VCID-2nve-471m-17h6"},{"vulnerability":"VCID-35a3-5eq3-8bep"},{"vulnerability":"VCID-666x-ret3-xufr"},{"vulnerability":"VCID-6mck-xykx-yuba"},{"vulnerability":"VCID-721k-9zdg-buhv"},{"vulnerability":"VCID-7jb6-q4x1-cfbw"},{"vulnerability":"VCID-7q99-jk4u-1fen"},{"vulnerability":"VCID-811b-x31n-tfch"},{"vulnerability":"VCID-8cbh-gwwy-n3eq"},{"vulnerability":"VCID-8j4f-u2tq-1qev"},{"vulnerability":"VCID-bdq4-br3j-7kb8"},{"vulnerability":"VCID-c8ch-zd9x-kufn"},{"vulnerability":"VCID-cffd-gdpc-uqeb"},{"vulnerability":"VCID-g4tm-8zhw-a7hn"},{"vulnerability":"VCID-kbgc-w2jw-auh8"},{"vulnerability":"VCID-nz16-gzhk-h3c1"},{"vulnerability":"VCID-pvxg-byvu-pbec"},{"vulnerability":"VCID-quqr-bg9k-7yb5"},{"vulnerability":"VCID-reab-s9cu-yudn"},{"vulnerability":"VCID-s8a2-wbb4-dyda"},{"vulnerability":"VCID-u5h4-4p6j-wbay"},{"vulnerability":"VCID-ux6m-dn6j-37dc"},{"vulnerability":"VCID-v69z-cmag-xfaf"},{"vulnerability":"VCID-w518-wkek-97ag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.4.0"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034","reference_id":"","reference_type":"","scores":[{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.7811","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78148","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88203","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88205","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88219","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88218","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88236","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88241","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88256","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88272","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88284","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88282","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88295","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88323","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03854","scoring_system":"epss","scoring_elements":"0.88331","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4034"},{"reference_url":"https://www.postgresql.org/support/security/CVE-2009-4034/","reference_id":"","reference_type":"","scores":[],"url":"https://www.postgresql.org/support/security/CVE-2009-4034/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662","reference_id":"547662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=547662"},{"reference_url":"https://security.gentoo.org/glsa/201110-22","reference_id":"GLSA-201110-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-22"},{"reference_url":"https://usn.ubuntu.com/876-1/","reference_id":"USN-876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/876-1/"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8ch-zd9x-kufn"}