[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2009-0733":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":35,"duplicate_of":9,"upstream":36,"downstream":37,"duplicates":46,"related":47,"reserved_at":9,"published_at":48,"modified_at":49,"state":50,"summary":51,"references_raw":59,"kevs":249,"epss":250,"epss_history":253,"metrics":511,"affected":516},"CVE-2009-0733","Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[21,30],{"_key":22,"name":23,"source":24,"url":25,"maturity":26,"reliability_score":27,"verified":28,"type":9,"platforms":29,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_DD76642AF3E58189","Exploit Reference (scary.beasts.org)","reference","http://scary.beasts.org/security/CESA-2009-003.html","unknown",0.2,false,[],{"_key":31,"name":32,"source":24,"url":33,"maturity":26,"reliability_score":27,"verified":28,"type":9,"platforms":34,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_8601C6F91B18E6EA","Exploit Reference (scarybeastsecurity.blogspot.com)","http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",[],[],[],[38,40,42,44],{"_key":39},"RHSA-2009:0339",{"_key":41},"RHSA-2009:0377",{"_key":43},"DSA-1745-1",{"_key":45},"DSA-1769-1",[],[],"2009-03-23T14:00:00.000Z","2024-08-07T04:48:51.638Z","Modified",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":52,"epss_score":53,"severity":54,"severity_score":55,"severity_version":56,"severity_source":57,"severity_vector":58,"severity_status":50},"low",0.01865,"high",9.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:C/I:C/A:C",[60,68,74,80,85,89,94,98,103,108,113,117,121,125,129,133,137,142,146,151,155,161,166,170,173,177,181,185,189,195,200,204,208,212,216,220,224,228,235,240,245],{"url":61,"sources":62,"tags":64},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html",[63,57],"cve.org",[65,66,67],"Vendor Advisory","X Refsource FEDORA","Third Party Advisory",{"url":69,"sources":70,"tags":71},"https://exchange.xforce.ibmcloud.com/vulnerabilities/49330",[63,57],[72,73,67],"VDB Entry","X Refsource XF",{"url":75,"sources":76,"tags":77},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:137",[63,57],[65,78,79],"X Refsource MANDRIVA","Broken Link",{"url":81,"sources":82,"tags":83},"http://secunia.com/advisories/34632",[63,57],[67,84,79],"X Refsource SECUNIA",{"url":86,"sources":87,"tags":88},"http://secunia.com/advisories/34450",[63,57],[67,84,79],{"url":90,"sources":91,"tags":92},"http://www.securitytracker.com/id?1021869",[63,57],[72,93,79,67],"X Refsource SECTRACK",{"url":95,"sources":96,"tags":97},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html",[63,57],[65,66,67],{"url":99,"sources":100,"tags":101},"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",[63,57],[65,102,67],"X Refsource SUSE",{"url":104,"sources":105,"tags":106},"http://www.ubuntu.com/usn/USN-744-1",[63,57],[65,107,67],"X Refsource UBUNTU",{"url":109,"sources":110,"tags":111},"http://www.debian.org/security/2009/dsa-1745",[63,57],[65,112,67],"X Refsource DEBIAN",{"url":114,"sources":115,"tags":116},"http://secunia.com/advisories/34675",[63,57],[67,84,79],{"url":118,"sources":119,"tags":120},"http://secunia.com/advisories/34454",[63,57],[67,84,79],{"url":122,"sources":123,"tags":124},"http://secunia.com/advisories/34442",[63,57],[67,84,79],{"url":126,"sources":127,"tags":128},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html",[63,57],[65,66,67],{"url":130,"sources":131,"tags":132},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html",[63,57],[65,66,67],{"url":134,"sources":135,"tags":136},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html",[63,57],[65,66,67],{"url":25,"sources":138,"tags":139},[63,57],[140,141],"X Refsource MISC","Exploit",{"url":143,"sources":144,"tags":145},"http://secunia.com/advisories/34382",[63,57],[67,84,79],{"url":147,"sources":148,"tags":149},"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438",[63,57],[65,150,67],"X Refsource SLACKWARE",{"url":152,"sources":153,"tags":154},"http://secunia.com/advisories/34418",[63,57],[67,84,79],{"url":156,"sources":157,"tags":158},"http://www.securityfocus.com/archive/1/502031/100/0/threaded",[63,57],[159,160,67,72],"Mailing List","X Refsource BUGTRAQ",{"url":162,"sources":163,"tags":164},"https://rhn.redhat.com/errata/RHSA-2009-0377.html",[63,57],[65,165,67],"X Refsource REDHAT",{"url":167,"sources":168,"tags":169},"http://www.ocert.org/advisories/ocert-2009-003.html",[63,57],[140,67],{"url":33,"sources":171,"tags":172},[63,57],[140,141],{"url":174,"sources":175,"tags":176},"http://secunia.com/advisories/34782",[63,57],[67,84,79],{"url":178,"sources":179,"tags":180},"http://secunia.com/advisories/34367",[63,57],[67,84,79],{"url":182,"sources":183,"tags":184},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:162",[63,57],[65,78,79],{"url":186,"sources":187,"tags":188},"http://www.redhat.com/support/errata/RHSA-2009-0339.html",[63,57],[65,165,67],{"url":190,"sources":191,"tags":192},"https://bugzilla.redhat.com/show_bug.cgi?id=487512",[63,57],[193,194,67],"X Refsource CONFIRM","Issue Tracking",{"url":196,"sources":197,"tags":198},"http://www.vupen.com/english/advisories/2009/0775",[63,57],[72,199,79],"X Refsource VUPEN",{"url":201,"sources":202,"tags":203},"http://secunia.com/advisories/34463",[63,57],[67,84,79],{"url":205,"sources":206,"tags":207},"http://secunia.com/advisories/34408",[63,57],[67,84,79],{"url":209,"sources":210,"tags":211},"http://www.debian.org/security/2009/dsa-1769",[63,57],[65,112,67],{"url":213,"sources":214,"tags":215},"http://secunia.com/advisories/34400",[63,57],[67,84,79],{"url":217,"sources":218,"tags":219},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:121",[63,57],[65,78,79],{"url":221,"sources":222,"tags":223},"http://www.securityfocus.com/archive/1/502018/100/0/threaded",[63,57],[159,160,67,72],{"url":225,"sources":226,"tags":227},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html",[63,57],[65,66,67],{"url":229,"sources":230,"tags":231},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9742",[63,57],[72,232,233,234],"Signature","X Refsource OVAL","Tool Signature",{"url":236,"sources":237,"tags":238},"http://www.securityfocus.com/bid/34185",[63,57],[72,239,79,67],"X Refsource BID",{"url":241,"sources":242,"tags":243},"http://security.gentoo.org/glsa/glsa-200904-19.xml",[63,57],[65,244,67],"X Refsource GENTOO",{"url":246,"sources":247,"tags":248},"https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html",[63,57],[65,66,67],[],{"date":251,"score":53,"percentile":252},"2026-06-04",0.83424,[254,258,261,264,267,270,273,276,279,282,285,288,290,293,296,299,302,305,308,311,314,317,320,323,326,329,331,334,338,341,344,347,350,352,354,357,360,363,366,369,371,374,377,380,383,386,389,392,395,398,401,403,406,409,412,415,418,421,424,427,430,433,436,439,441,443,446,449,452,454,456,459,462,464,467,470,473,475,478,480,483,486,489,492,494,497,500,503,505,508],{"date":255,"score":256,"percentile":257},"2025-11-04",0.01738,0.81861,{"date":259,"score":256,"percentile":260},"2025-11-05",0.81862,{"date":262,"score":256,"percentile":263},"2025-11-06",0.81865,{"date":265,"score":256,"percentile":266},"2025-11-07",0.81875,{"date":268,"score":256,"percentile":269},"2025-11-08",0.81883,{"date":271,"score":256,"percentile":272},"2025-11-09",0.81879,{"date":274,"score":256,"percentile":275},"2025-11-10",0.81873,{"date":277,"score":256,"percentile":278},"2025-11-11",0.81881,{"date":280,"score":256,"percentile":281},"2025-11-12",0.8189,{"date":283,"score":256,"percentile":284},"2025-11-13",0.81896,{"date":286,"score":256,"percentile":287},"2025-11-14",0.81901,{"date":289,"score":256,"percentile":284},"2025-11-15",{"date":291,"score":256,"percentile":292},"2025-11-16",0.81898,{"date":294,"score":256,"percentile":295},"2025-11-17",0.81894,{"date":297,"score":256,"percentile":298},"2025-11-18",0.80988,{"date":300,"score":256,"percentile":301},"2025-11-19",0.8099,{"date":303,"score":256,"percentile":304},"2025-11-20",0.80994,{"date":306,"score":256,"percentile":307},"2025-11-21",0.81912,{"date":309,"score":256,"percentile":310},"2025-11-22",0.81915,{"date":312,"score":256,"percentile":313},"2025-11-23",0.8191,{"date":315,"score":256,"percentile":316},"2025-11-24",0.81907,{"date":318,"score":256,"percentile":319},"2025-11-25",0.81908,{"date":321,"score":256,"percentile":322},"2025-11-26",0.81909,{"date":324,"score":256,"percentile":325},"2025-11-27",0.81914,{"date":327,"score":256,"percentile":328},"2025-11-28",0.81904,{"date":330,"score":256,"percentile":313},"2025-11-29",{"date":332,"score":256,"percentile":333},"2025-11-30",0.81916,{"date":335,"score":336,"percentile":337},"2025-12-01",0.01603,0.8124,{"date":339,"score":336,"percentile":340},"2025-12-02",0.81244,{"date":342,"score":336,"percentile":343},"2025-12-03",0.81243,{"date":345,"score":336,"percentile":346},"2025-12-04",0.81158,{"date":348,"score":336,"percentile":349},"2025-12-05",0.81166,{"date":351,"score":336,"percentile":349},"2025-12-06",{"date":353,"score":336,"percentile":349},"2025-12-07",{"date":355,"score":336,"percentile":356},"2025-12-08",0.81168,{"date":358,"score":336,"percentile":359},"2025-12-09",0.81186,{"date":361,"score":336,"percentile":362},"2025-12-10",0.81213,{"date":364,"score":336,"percentile":365},"2025-12-11",0.81223,{"date":367,"score":336,"percentile":368},"2025-12-12",0.81236,{"date":370,"score":336,"percentile":368},"2025-12-13",{"date":372,"score":336,"percentile":373},"2025-12-14",0.81232,{"date":375,"score":336,"percentile":376},"2025-12-15",0.8123,{"date":378,"score":336,"percentile":379},"2025-12-16",0.81239,{"date":381,"score":336,"percentile":382},"2025-12-17",0.81249,{"date":384,"score":336,"percentile":385},"2025-12-18",0.81265,{"date":387,"score":336,"percentile":388},"2025-12-19",0.81273,{"date":390,"score":336,"percentile":391},"2025-12-20",0.81267,{"date":393,"score":336,"percentile":394},"2025-12-21",0.81262,{"date":396,"score":336,"percentile":397},"2025-12-22",0.81258,{"date":399,"score":336,"percentile":400},"2025-12-23",0.81261,{"date":402,"score":336,"percentile":388},"2025-12-24",{"date":404,"score":336,"percentile":405},"2025-12-25",0.81289,{"date":407,"score":336,"percentile":408},"2025-12-26",0.8129,{"date":410,"score":336,"percentile":411},"2025-12-27",0.81324,{"date":413,"score":336,"percentile":414},"2025-12-28",0.81275,{"date":416,"score":336,"percentile":417},"2025-12-29",0.81271,{"date":419,"score":336,"percentile":420},"2025-12-30",0.81278,{"date":422,"score":336,"percentile":423},"2025-12-31",0.81291,{"date":425,"score":336,"percentile":426},"2026-01-01",0.81367,{"date":428,"score":336,"percentile":429},"2026-01-02",0.81362,{"date":431,"score":336,"percentile":432},"2026-01-03",0.81356,{"date":434,"score":336,"percentile":435},"2026-01-04",0.81269,{"date":437,"score":336,"percentile":438},"2026-01-05",0.81263,{"date":440,"score":336,"percentile":391},"2026-01-06",{"date":442,"score":336,"percentile":435},"2026-01-07",{"date":444,"score":336,"percentile":445},"2026-01-08",0.81279,{"date":447,"score":336,"percentile":448},"2026-01-09",0.8128,{"date":450,"score":336,"percentile":451},"2026-01-10",0.81282,{"date":453,"score":336,"percentile":414},"2026-01-11",{"date":455,"score":336,"percentile":391},"2026-01-12",{"date":457,"score":336,"percentile":458},"2026-01-13",0.81266,{"date":460,"score":336,"percentile":461},"2026-01-14",0.81287,{"date":463,"score":336,"percentile":408},"2026-01-15",{"date":465,"score":336,"percentile":466},"2026-01-16",0.813,{"date":468,"score":336,"percentile":469},"2026-01-17",0.81306,{"date":471,"score":336,"percentile":472},"2026-01-18",0.81297,{"date":474,"score":336,"percentile":423},"2026-01-19",{"date":476,"score":336,"percentile":477},"2026-01-20",0.81293,{"date":479,"score":336,"percentile":466},"2026-01-21",{"date":481,"score":336,"percentile":482},"2026-01-22",0.81308,{"date":484,"score":336,"percentile":485},"2026-01-23",0.81332,{"date":487,"score":336,"percentile":488},"2026-01-24",0.8134,{"date":490,"score":336,"percentile":491},"2026-01-25",0.81336,{"date":493,"score":336,"percentile":491},"2026-01-26",{"date":495,"score":336,"percentile":496},"2026-01-27",0.81337,{"date":498,"score":336,"percentile":499},"2026-01-28",0.81335,{"date":501,"score":336,"percentile":502},"2026-01-29",0.81331,{"date":504,"score":336,"percentile":502},"2026-01-30",{"date":506,"score":336,"percentile":507},"2026-01-31",0.81338,{"date":509,"score":336,"percentile":510},"2026-02-01",0.81421,[512],{"source":57,"cvss_v2_0":513,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":55,"baseSeverity":9,"vectorString":58,"impactScore":514,"exploitabilityScore":515},10,8.6,[517,527,536,542],{"ecosystem":9,"name":518,"vendor":518,"product":518,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":520},"gimp","a",[521],{"version":522,"is_range":523,"range_type":524,"version_start":9,"version_start_type":9,"version_end":525,"version_end_type":526,"fixed_in":9},"lt2.9.2",true,"cpe","2.9.2","excluding",{"ecosystem":9,"name":528,"vendor":529,"product":530,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"little cms","littlecms","little_cms",[532],{"version":533,"is_range":523,"range_type":524,"version_start":9,"version_start_type":9,"version_end":534,"version_end_type":535,"fixed_in":9},"lte1.17","1.17","including",{"ecosystem":9,"name":537,"vendor":538,"product":537,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"firefox","mozilla",[540],{"version":541,"is_range":28,"range_type":524,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.1:beta1",{"ecosystem":9,"name":543,"vendor":544,"product":543,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":545},"openjdk","sun",[546],{"version":547,"is_range":523,"range_type":524,"version_start":9,"version_start_type":9,"version_end":548,"version_end_type":535,"fixed_in":9},"lte7","7"]