{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87802?format=json","vulnerability_id":"VCID-nvmn-jbw1-47cq","summary":"python: rgbimg: multiple security issues","aliases":[{"alias":"CVE-2009-4134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/127855?format=json","purl":"pkg:rpm/redhat/python@2.3.4-14.9?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22da-bqwg-2fdf"},{"vulnerability":"VCID-nvmn-jbw1-47cq"},{"vulnerability":"VCID-rnkj-2dgz-kuah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.3.4-14.9%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/127856?format=json","purl":"pkg:rpm/redhat/python@2.4.3-43?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22da-bqwg-2fdf"},{"vulnerability":"VCID-3cbf-6ugq-tyhh"},{"vulnerability":"VCID-a7h6-8ece-kqec"},{"vulnerability":"VCID-nvmn-jbw1-47cq"},{"vulnerability":"VCID-rnkj-2dgz-kuah"},{"vulnerability":"VCID-wa9f-nvnp-euce"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.4.3-43%3Farch=el5"}],"references":[{"reference_url":"http://bugs.python.org/issue8678","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue8678"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4134","reference_id":"","reference_type":"","scores":[{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.8574","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85572","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85584","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85601","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85638","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85649","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85668","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85673","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.8569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85703","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85719","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4134"},{"reference_url":"http://secunia.com/advisories/42888","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42888"},{"reference_url":"http://secunia.com/advisories/43068","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43068"},{"reference_url":"http://secunia.com/advisories/43364","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43364"},{"reference_url":"http://support.apple.com/kb/HT4435","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4435"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html"},{"reference_url":"http://www.securityfocus.com/bid/40361","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40361"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0122","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0122"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0212","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0212"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0413","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0413"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698","reference_id":"541698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4134","reference_id":"CVE-2009-4134","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0027","reference_id":"RHSA-2011:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0260","reference_id":"RHSA-2011:0260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0260"}],"weaknesses":[{"cwe_id":787,"name":"Out-of-bounds Write","description":"The product writes data past the end, or before the beginning, of the intended buffer."}],"exploits":[],"severity_range_score":"5.0 - 5.0","exploitability":"0.5","weighted_severity":"4.5","risk_score":2.2,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvmn-jbw1-47cq"}