[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2009-0723":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":39,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":50,"related":51,"reserved_at":9,"published_at":52,"modified_at":53,"state":54,"summary":55,"references_raw":63,"kevs":254,"epss":255,"epss_history":258,"metrics":521,"affected":526},"CVE-2009-0723","Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[25,34],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_DD76642AF3E58189","Exploit Reference (scary.beasts.org)","reference","http://scary.beasts.org/security/CESA-2009-003.html","unknown",0.2,false,[],{"_key":35,"name":36,"source":28,"url":37,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":38,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_8601C6F91B18E6EA","Exploit Reference (scarybeastsecurity.blogspot.com)","http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",[],[],[],[42,44,46,48],{"_key":43},"RHSA-2009:0339",{"_key":45},"RHSA-2009:0377",{"_key":47},"DSA-1745-1",{"_key":49},"DSA-1769-1",[],[],"2009-03-23T14:00:00.000Z","2024-08-07T04:48:51.612Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":56,"epss_score":57,"severity":58,"severity_score":59,"severity_version":60,"severity_source":61,"severity_vector":62,"severity_status":54},"low",0.00858,"high",9.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:C/I:C/A:C",[64,72,78,83,87,93,97,102,107,112,116,120,124,128,132,136,141,145,150,155,161,165,171,176,180,183,187,191,195,199,204,208,212,216,220,227,231,235,239,245,250],{"url":65,"sources":66,"tags":68},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html",[67,61],"cve.org",[69,70,71],"Vendor Advisory","X Refsource FEDORA","Third Party Advisory",{"url":73,"sources":74,"tags":75},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:137",[67,61],[69,76,77],"X Refsource MANDRIVA","Broken Link",{"url":79,"sources":80,"tags":81},"http://secunia.com/advisories/34632",[67,61],[71,82,77],"X Refsource SECUNIA",{"url":84,"sources":85,"tags":86},"http://secunia.com/advisories/34450",[67,61],[71,82,77],{"url":88,"sources":89,"tags":90},"http://www.securitytracker.com/id?1021869",[67,61],[91,92,77,71],"VDB Entry","X Refsource SECTRACK",{"url":94,"sources":95,"tags":96},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html",[67,61],[69,70,71],{"url":98,"sources":99,"tags":100},"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",[67,61],[69,101,71],"X Refsource SUSE",{"url":103,"sources":104,"tags":105},"http://www.ubuntu.com/usn/USN-744-1",[67,61],[69,106,71],"X Refsource UBUNTU",{"url":108,"sources":109,"tags":110},"http://www.debian.org/security/2009/dsa-1745",[67,61],[69,111,71],"X Refsource DEBIAN",{"url":113,"sources":114,"tags":115},"http://secunia.com/advisories/34675",[67,61],[71,82,77],{"url":117,"sources":118,"tags":119},"http://secunia.com/advisories/34454",[67,61],[71,82,77],{"url":121,"sources":122,"tags":123},"http://secunia.com/advisories/34442",[67,61],[71,82,77],{"url":125,"sources":126,"tags":127},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html",[67,61],[69,70,71],{"url":129,"sources":130,"tags":131},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html",[67,61],[69,70,71],{"url":133,"sources":134,"tags":135},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html",[67,61],[69,70,71],{"url":29,"sources":137,"tags":138},[67,61],[139,140],"X Refsource MISC","Exploit",{"url":142,"sources":143,"tags":144},"http://secunia.com/advisories/34382",[67,61],[71,82,77],{"url":146,"sources":147,"tags":148},"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438",[67,61],[69,149,71],"X Refsource SLACKWARE",{"url":151,"sources":152,"tags":153},"https://exchange.xforce.ibmcloud.com/vulnerabilities/49326",[67,61],[91,154,71],"X Refsource XF",{"url":156,"sources":157,"tags":158},"https://bugzilla.redhat.com/show_bug.cgi?id=487508",[67,61],[159,160,71],"X Refsource CONFIRM","Issue Tracking",{"url":162,"sources":163,"tags":164},"http://secunia.com/advisories/34418",[67,61],[71,82,77],{"url":166,"sources":167,"tags":168},"http://www.securityfocus.com/archive/1/502031/100/0/threaded",[67,61],[169,170,71,91],"Mailing List","X Refsource BUGTRAQ",{"url":172,"sources":173,"tags":174},"https://rhn.redhat.com/errata/RHSA-2009-0377.html",[67,61],[69,175,71],"X Refsource REDHAT",{"url":177,"sources":178,"tags":179},"http://www.ocert.org/advisories/ocert-2009-003.html",[67,61],[139,71],{"url":37,"sources":181,"tags":182},[67,61],[139,140],{"url":184,"sources":185,"tags":186},"http://secunia.com/advisories/34782",[67,61],[71,82,77],{"url":188,"sources":189,"tags":190},"http://secunia.com/advisories/34367",[67,61],[71,82,77],{"url":192,"sources":193,"tags":194},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:162",[67,61],[69,76,77],{"url":196,"sources":197,"tags":198},"http://www.redhat.com/support/errata/RHSA-2009-0339.html",[67,61],[69,175,77],{"url":200,"sources":201,"tags":202},"http://www.vupen.com/english/advisories/2009/0775",[67,61],[91,203,77],"X Refsource VUPEN",{"url":205,"sources":206,"tags":207},"http://secunia.com/advisories/34463",[67,61],[71,82,77],{"url":209,"sources":210,"tags":211},"http://secunia.com/advisories/34408",[67,61],[71,82,77],{"url":213,"sources":214,"tags":215},"http://www.debian.org/security/2009/dsa-1769",[67,61],[69,111,71],{"url":217,"sources":218,"tags":219},"http://secunia.com/advisories/34400",[67,61],[71,82,77],{"url":221,"sources":222,"tags":223},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11780",[67,61],[91,224,225,226],"Signature","X Refsource OVAL","Tool Signature",{"url":228,"sources":229,"tags":230},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:121",[67,61],[69,76,77],{"url":232,"sources":233,"tags":234},"http://www.securityfocus.com/archive/1/502018/100/0/threaded",[67,61],[169,170,71,91],{"url":236,"sources":237,"tags":238},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html",[67,61],[69,70,71],{"url":240,"sources":241,"tags":242},"http://www.securityfocus.com/bid/34185",[67,61],[91,243,77,244,71],"X Refsource BID","Patch",{"url":246,"sources":247,"tags":248},"http://security.gentoo.org/glsa/glsa-200904-19.xml",[67,61],[69,249,71],"X Refsource GENTOO",{"url":251,"sources":252,"tags":253},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html",[67,61],[69,70,71],[],{"date":256,"score":57,"percentile":257},"2026-06-04",0.7535,[259,263,266,269,272,274,277,280,282,285,288,291,294,296,299,302,305,308,311,313,316,319,322,325,328,330,333,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398,400,403,406,409,412,415,418,420,423,426,429,432,435,438,441,444,447,450,453,456,459,462,465,468,471,474,477,479,482,485,488,491,494,497,500,503,506,509,512,515,518],{"date":260,"score":261,"percentile":262},"2025-11-04",0.00945,0.75551,{"date":264,"score":261,"percentile":265},"2025-11-05",0.75547,{"date":267,"score":261,"percentile":268},"2025-11-06",0.75543,{"date":270,"score":261,"percentile":271},"2025-11-07",0.75558,{"date":273,"score":261,"percentile":271},"2025-11-08",{"date":275,"score":261,"percentile":276},"2025-11-09",0.75557,{"date":278,"score":261,"percentile":279},"2025-11-10",0.75545,{"date":281,"score":261,"percentile":265},"2025-11-11",{"date":283,"score":261,"percentile":284},"2025-11-12",0.75567,{"date":286,"score":261,"percentile":287},"2025-11-13",0.75574,{"date":289,"score":261,"percentile":290},"2025-11-14",0.75579,{"date":292,"score":261,"percentile":293},"2025-11-15",0.75576,{"date":295,"score":261,"percentile":293},"2025-11-16",{"date":297,"score":261,"percentile":298},"2025-11-17",0.75568,{"date":300,"score":261,"percentile":301},"2025-11-18",0.74337,{"date":303,"score":261,"percentile":304},"2025-11-19",0.74346,{"date":306,"score":261,"percentile":307},"2025-11-20",0.74355,{"date":309,"score":261,"percentile":310},"2025-11-21",0.75597,{"date":312,"score":261,"percentile":310},"2025-11-22",{"date":314,"score":261,"percentile":315},"2025-11-23",0.75582,{"date":317,"score":261,"percentile":318},"2025-11-24",0.75581,{"date":320,"score":261,"percentile":321},"2025-11-25",0.75585,{"date":323,"score":261,"percentile":324},"2025-11-26",0.75592,{"date":326,"score":261,"percentile":327},"2025-11-27",0.75594,{"date":329,"score":261,"percentile":321},"2025-11-28",{"date":331,"score":261,"percentile":332},"2025-11-29",0.75586,{"date":334,"score":261,"percentile":315},"2025-11-30",{"date":336,"score":57,"percentile":337},"2025-12-01",0.74378,{"date":339,"score":57,"percentile":340},"2025-12-02",0.74385,{"date":342,"score":57,"percentile":343},"2025-12-03",0.74376,{"date":345,"score":57,"percentile":346},"2025-12-04",0.74242,{"date":348,"score":57,"percentile":349},"2025-12-05",0.7425,{"date":351,"score":57,"percentile":352},"2025-12-06",0.74254,{"date":354,"score":57,"percentile":355},"2025-12-07",0.74251,{"date":357,"score":57,"percentile":358},"2025-12-08",0.74255,{"date":360,"score":57,"percentile":361},"2025-12-09",0.74284,{"date":363,"score":57,"percentile":364},"2025-12-10",0.74314,{"date":366,"score":57,"percentile":367},"2025-12-11",0.74329,{"date":369,"score":57,"percentile":370},"2025-12-12",0.74353,{"date":372,"score":57,"percentile":373},"2025-12-13",0.74359,{"date":375,"score":57,"percentile":376},"2025-12-14",0.74358,{"date":378,"score":57,"percentile":379},"2025-12-15",0.74362,{"date":381,"score":57,"percentile":382},"2025-12-16",0.74372,{"date":384,"score":57,"percentile":385},"2025-12-17",0.74383,{"date":387,"score":57,"percentile":388},"2025-12-18",0.74403,{"date":390,"score":57,"percentile":391},"2025-12-19",0.7442,{"date":393,"score":57,"percentile":394},"2025-12-20",0.74417,{"date":396,"score":57,"percentile":397},"2025-12-21",0.74411,{"date":399,"score":57,"percentile":397},"2025-12-22",{"date":401,"score":57,"percentile":402},"2025-12-23",0.74406,{"date":404,"score":57,"percentile":405},"2025-12-24",0.74418,{"date":407,"score":57,"percentile":408},"2025-12-25",0.74445,{"date":410,"score":57,"percentile":411},"2025-12-26",0.74441,{"date":413,"score":57,"percentile":414},"2025-12-27",0.74487,{"date":416,"score":57,"percentile":417},"2025-12-28",0.74421,{"date":419,"score":57,"percentile":394},"2025-12-29",{"date":421,"score":57,"percentile":422},"2025-12-30",0.74431,{"date":424,"score":57,"percentile":425},"2025-12-31",0.74457,{"date":427,"score":57,"percentile":428},"2026-01-01",0.746,{"date":430,"score":57,"percentile":431},"2026-01-02",0.74601,{"date":433,"score":57,"percentile":434},"2026-01-03",0.74602,{"date":436,"score":57,"percentile":437},"2026-01-04",0.74469,{"date":439,"score":57,"percentile":440},"2026-01-05",0.74461,{"date":442,"score":57,"percentile":443},"2026-01-06",0.74477,{"date":445,"score":57,"percentile":446},"2026-01-07",0.74485,{"date":448,"score":57,"percentile":449},"2026-01-08",0.74499,{"date":451,"score":57,"percentile":452},"2026-01-09",0.74504,{"date":454,"score":57,"percentile":455},"2026-01-10",0.74502,{"date":457,"score":57,"percentile":458},"2026-01-11",0.74489,{"date":460,"score":57,"percentile":461},"2026-01-12",0.74476,{"date":463,"score":57,"percentile":464},"2026-01-13",0.74475,{"date":466,"score":57,"percentile":467},"2026-01-14",0.745,{"date":469,"score":57,"percentile":470},"2026-01-15",0.74507,{"date":472,"score":57,"percentile":473},"2026-01-16",0.74522,{"date":475,"score":57,"percentile":476},"2026-01-17",0.74519,{"date":478,"score":57,"percentile":455},"2026-01-18",{"date":480,"score":57,"percentile":481},"2026-01-19",0.74492,{"date":483,"score":57,"percentile":484},"2026-01-20",0.74498,{"date":486,"score":57,"percentile":487},"2026-01-21",0.74503,{"date":489,"score":57,"percentile":490},"2026-01-22",0.74509,{"date":492,"score":57,"percentile":493},"2026-01-23",0.74539,{"date":495,"score":57,"percentile":496},"2026-01-24",0.74547,{"date":498,"score":57,"percentile":499},"2026-01-25",0.7453,{"date":501,"score":57,"percentile":502},"2026-01-26",0.74528,{"date":504,"score":57,"percentile":505},"2026-01-27",0.74537,{"date":507,"score":57,"percentile":508},"2026-01-28",0.74545,{"date":510,"score":57,"percentile":511},"2026-01-29",0.74542,{"date":513,"score":57,"percentile":514},"2026-01-30",0.74544,{"date":516,"score":57,"percentile":517},"2026-01-31",0.74549,{"date":519,"score":57,"percentile":520},"2026-02-01",0.7467,[522],{"source":61,"cvss_v2_0":523,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":59,"baseSeverity":9,"vectorString":62,"impactScore":524,"exploitabilityScore":525},10,8.6,[527,537,546,552],{"ecosystem":9,"name":528,"vendor":528,"product":528,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"gimp","a",[531],{"version":532,"is_range":533,"range_type":534,"version_start":9,"version_start_type":9,"version_end":535,"version_end_type":536,"fixed_in":9},"lt2.9.2",true,"cpe","2.9.2","excluding",{"ecosystem":9,"name":538,"vendor":539,"product":540,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":541},"little cms","littlecms","little_cms",[542],{"version":543,"is_range":533,"range_type":534,"version_start":9,"version_start_type":9,"version_end":544,"version_end_type":545,"fixed_in":9},"lte1.17","1.17","including",{"ecosystem":9,"name":547,"vendor":548,"product":547,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":549},"firefox","mozilla",[550],{"version":551,"is_range":32,"range_type":534,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.1:beta1",{"ecosystem":9,"name":553,"vendor":554,"product":553,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":555},"openjdk","sun",[556],{"version":557,"is_range":533,"range_type":534,"version_start":9,"version_start_type":9,"version_end":558,"version_end_type":545,"fixed_in":9},"lte7","7"]