{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60258?format=json","vulnerability_id":"VCID-h2ee-geak-xqfv","summary":"An error in the X.509 certificate handling of Wget might enable remote\n    attackers to conduct man-in-the-middle attacks.","aliases":[{"alias":"CVE-2009-3490"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942669?format=json","purl":"pkg:deb/debian/wget@1.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/994157?format=json","purl":"pkg:deb/debian/wget@1.12-2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.12-2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/942663?format=json","purl":"pkg:deb/debian/wget@1.21-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q53y-6aup-17gk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.21-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942661?format=json","purl":"pkg:deb/debian/wget@1.21.3-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-q53y-6aup-17gk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.21.3-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942664?format=json","purl":"pkg:deb/debian/wget@1.25.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.25.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/84836?format=json","purl":"pkg:ebuild/net-misc/wget@1.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/wget@1.12"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994149?format=json","purl":"pkg:deb/debian/wget@1.4.5-0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4drq-2td7-akbk"},{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-fuw5-1kwb-tyck"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-p2rg-34nt-dbc1"},{"vulnerability":"VCID-pbm5-fnnd-d3bw"},{"vulnerability":"VCID-pvwa-watz-dfh9"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-txw8-ve2p-vubh"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.4.5-0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/994150?format=json","purl":"pkg:deb/debian/wget@1.5.3-1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4drq-2td7-akbk"},{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-fuw5-1kwb-tyck"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-p2rg-34nt-dbc1"},{"vulnerability":"VCID-pbm5-fnnd-d3bw"},{"vulnerability":"VCID-pvwa-watz-dfh9"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-txw8-ve2p-vubh"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.5.3-1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/994151?format=json","purl":"pkg:deb/debian/wget@1.5.3-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4drq-2td7-akbk"},{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-fuw5-1kwb-tyck"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-p2rg-34nt-dbc1"},{"vulnerability":"VCID-pbm5-fnnd-d3bw"},{"vulnerability":"VCID-pvwa-watz-dfh9"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-txw8-ve2p-vubh"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.5.3-3"},{"url":"http://public2.vulnerablecode.io/api/packages/994152?format=json","purl":"pkg:deb/debian/wget@1.8.1-6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4drq-2td7-akbk"},{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-fuw5-1kwb-tyck"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-p2rg-34nt-dbc1"},{"vulnerability":"VCID-pbm5-fnnd-d3bw"},{"vulnerability":"VCID-pvwa-watz-dfh9"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-txw8-ve2p-vubh"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.8.1-6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/994153?format=json","purl":"pkg:deb/debian/wget@1.9.1-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4drq-2td7-akbk"},{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.9.1-12"},{"url":"http://public2.vulnerablecode.io/api/packages/994154?format=json","purl":"pkg:deb/debian/wget@1.10.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.10.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/994155?format=json","purl":"pkg:deb/debian/wget@1.10.2-2%2Betch1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.10.2-2%252Betch1"},{"url":"http://public2.vulnerablecode.io/api/packages/994156?format=json","purl":"pkg:deb/debian/wget@1.11.4-2%2Blenny2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5u23-3wxr-27du"},{"vulnerability":"VCID-8v5w-xx4w-fyc3"},{"vulnerability":"VCID-b4sh-m4q3-8fd3"},{"vulnerability":"VCID-cjxy-4u1b-kyht"},{"vulnerability":"VCID-fbj7-rc7e-mkgh"},{"vulnerability":"VCID-h2ee-geak-xqfv"},{"vulnerability":"VCID-qtqz-p2a8-ykcv"},{"vulnerability":"VCID-qwxx-kuek-j3fu"},{"vulnerability":"VCID-smv5-udwt-5qcq"},{"vulnerability":"VCID-um8z-unc6-bqhf"},{"vulnerability":"VCID-v7yu-hy66-gyh4"},{"vulnerability":"VCID-yyf4-yz4z-rugu"},{"vulnerability":"VCID-zsab-gux6-eyh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.11.4-2%252Blenny2"},{"url":"http://public2.vulnerablecode.io/api/packages/128323?format=json","purl":"pkg:rpm/redhat/wget@1.10.2-0.30E?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h2ee-geak-xqfv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wget@1.10.2-0.30E%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/128324?format=json","purl":"pkg:rpm/redhat/wget@1.10.2-1.el4_8?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h2ee-geak-xqfv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wget@1.10.2-1.el4_8%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/128325?format=json","purl":"pkg:rpm/redhat/wget@1.11.4-2.el5_4?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h2ee-geak-xqfv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wget@1.11.4-2.el5_4%3Farch=1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3490.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3490","reference_id":"","reference_type":"","scores":[{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83114","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.8292","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82912","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82951","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.8295","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82953","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82973","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82984","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.82988","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.8301","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83031","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83051","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83066","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83102","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83112","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=520454","reference_id":"520454","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=520454"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549293","reference_id":"549293","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549293"},{"reference_url":"https://security.gentoo.org/glsa/200910-01","reference_id":"GLSA-200910-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200910-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1549","reference_id":"RHSA-2009:1549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1549"},{"reference_url":"https://usn.ubuntu.com/842-1/","reference_id":"USN-842-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/842-1/"}],"weaknesses":[],"exploits":[],"severity_range_score":"6.8 - 6.8","exploitability":"0.5","weighted_severity":"3.4","risk_score":1.7,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ee-geak-xqfv"}