[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2009-2408":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":47,"related":50,"reserved_at":9,"published_at":51,"modified_at":52,"state":53,"summary":54,"references_raw":63,"kevs":207,"epss":208,"epss_history":211,"metrics":465,"affected":476},"CVE-2009-2408","Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-295","Improper Certificate Validation","The product does not validate, or incorrectly validates, a certificate.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-459","Creating a Rogue Certification Authority Certificate",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[],[],[],[31,33,35,37,39,41,43,45],{"_key":32},"RHSA-2009:1184",{"_key":34},"RHSA-2009:1186",{"_key":36},"RHSA-2009:1190",{"_key":38},"RHSA-2009:1207",{"_key":40},"RHSA-2009:1432",{"_key":42},"DSA-1874-1",{"_key":44},"DSA-2025-1",{"_key":46},"DEBIAN-CVE-2009-2408",[48],{"_key":49},"CVE-2009-2645",[],"2009-07-30T19:00:00.000Z","2024-08-07T05:52:14.734Z","Modified",{"cisa_kev":55,"cisa_ransomware":55,"cisa_vendor":9,"epss_severity":56,"epss_score":57,"severity":58,"severity_score":59,"severity_version":60,"severity_source":61,"severity_vector":62,"severity_status":53},false,"low",0.01855,"medium",6.8,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:P/A:P",[64,73,77,83,88,93,97,102,106,110,115,120,125,129,134,138,143,149,153,157,162,167,172,176,180,184,189,193,198,202],{"url":65,"sources":66,"tags":68},"http://secunia.com/advisories/36139",[67,61],"cve.org",[69,70,71,72],"Third Party Advisory","X Refsource SECUNIA","Broken Link","Vendor Advisory",{"url":74,"sources":75,"tags":76},"http://secunia.com/advisories/36157",[67,61],[69,70,71,72],{"url":78,"sources":79,"tags":80},"http://www.securitytracker.com/id?1022632",[67,61],[81,82,71,69],"VDB Entry","X Refsource SECTRACK",{"url":84,"sources":85,"tags":86},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:197",[67,61],[72,87,71],"X Refsource MANDRIVA",{"url":89,"sources":90,"tags":91},"http://www.novell.com/linux/security/advisories/2009_48_firefox.html",[67,61],[72,92,71],"X Refsource SUSE",{"url":94,"sources":95,"tags":96},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:216",[67,61],[72,87,71],{"url":98,"sources":99,"tags":100},"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",[67,61],[72,92,101],"Mailing List",{"url":103,"sources":104,"tags":105},"http://secunia.com/advisories/36434",[67,61],[69,70,71,72],{"url":107,"sources":108,"tags":109},"http://secunia.com/advisories/36088",[67,61],[69,70,71,72],{"url":111,"sources":112,"tags":113},"http://isc.sans.org/diary.html?storyid=7003",[67,61],[114,71],"X Refsource MISC",{"url":116,"sources":117,"tags":118},"http://www.redhat.com/support/errata/RHSA-2009-1207.html",[67,61],[72,119,71],"X Refsource REDHAT",{"url":121,"sources":122,"tags":123},"http://www.wired.com/threatlevel/2009/07/kaminsky/",[67,61],[114,124],"Press/Media Coverage",{"url":126,"sources":127,"tags":128},"http://secunia.com/advisories/36669",[67,61],[69,70,71],{"url":130,"sources":131,"tags":132},"http://osvdb.org/56723",[67,61],[81,133,71],"X Refsource OSVDB",{"url":135,"sources":136,"tags":137},"http://www.redhat.com/support/errata/RHSA-2009-1432.html",[67,61],[72,119,71],{"url":139,"sources":140,"tags":141},"http://www.ubuntu.com/usn/usn-810-1",[67,61],[72,142,69],"X Refsource UBUNTU",{"url":144,"sources":145,"tags":146},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751",[67,61],[81,147,148,71],"Signature","X Refsource OVAL",{"url":150,"sources":151,"tags":152},"https://usn.ubuntu.com/810-2/",[67,61],[72,142,71],{"url":154,"sources":155,"tags":156},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458",[67,61],[81,147,148,71],{"url":158,"sources":159,"tags":160},"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1",[67,61],[72,161,71],"X Refsource SUNALERT",{"url":163,"sources":164,"tags":165},"http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h",[67,61],[166,71],"X Refsource CONFIRM",{"url":168,"sources":169,"tags":170},"http://www.vupen.com/english/advisories/2009/3184",[67,61],[81,171,71],"X Refsource VUPEN",{"url":173,"sources":174,"tags":175},"http://secunia.com/advisories/36125",[67,61],[69,70,71,72],{"url":177,"sources":178,"tags":179},"http://secunia.com/advisories/37098",[67,61],[69,70,71],{"url":181,"sources":182,"tags":183},"http://www.mozilla.org/security/announce/2009/mfsa2009-42.html",[67,61],[166,72],{"url":185,"sources":186,"tags":187},"https://bugzilla.redhat.com/show_bug.cgi?id=510251",[67,61],[166,188],"Issue Tracking",{"url":190,"sources":191,"tags":192},"http://www.vupen.com/english/advisories/2009/2085",[67,61],[81,171,71,72],{"url":194,"sources":195,"tags":196},"http://www.debian.org/security/2009/dsa-1874",[67,61],[72,197,101],"X Refsource DEBIAN",{"url":199,"sources":200,"tags":201},"http://www.mandriva.com/security/advisories?name=MDVSA-2009:217",[67,61],[72,87,71],{"url":203,"sources":204,"tags":205},"http://marc.info/?l=oss-security&m=125198917018936&w=2",[67,61],[101,206],"X Refsource MLIST",[],{"date":209,"score":57,"percentile":210},"2026-06-04",0.83376,[212,216,219,222,225,228,231,234,236,239,242,245,248,250,252,255,258,261,264,267,270,273,275,277,280,282,285,288,292,294,297,299,302,304,306,309,312,315,318,321,323,326,329,332,335,338,341,344,347,350,352,355,358,361,364,366,369,372,375,378,380,383,386,389,391,394,397,400,402,404,406,408,410,413,416,419,422,424,428,431,434,437,440,444,447,450,452,454,458,461],{"date":213,"score":214,"percentile":215},"2025-11-04",0.01686,0.81575,{"date":217,"score":214,"percentile":218},"2025-11-05",0.81577,{"date":220,"score":214,"percentile":221},"2025-11-06",0.8158,{"date":223,"score":214,"percentile":224},"2025-11-07",0.81588,{"date":226,"score":214,"percentile":227},"2025-11-08",0.81595,{"date":229,"score":214,"percentile":230},"2025-11-09",0.81593,{"date":232,"score":214,"percentile":233},"2025-11-10",0.81587,{"date":235,"score":214,"percentile":227},"2025-11-11",{"date":237,"score":214,"percentile":238},"2025-11-12",0.81606,{"date":240,"score":214,"percentile":241},"2025-11-13",0.81613,{"date":243,"score":214,"percentile":244},"2025-11-14",0.81618,{"date":246,"score":214,"percentile":247},"2025-11-15",0.81612,{"date":249,"score":214,"percentile":241},"2025-11-16",{"date":251,"score":214,"percentile":247},"2025-11-17",{"date":253,"score":214,"percentile":254},"2025-11-18",0.80701,{"date":256,"score":214,"percentile":257},"2025-11-19",0.80702,{"date":259,"score":214,"percentile":260},"2025-11-20",0.80707,{"date":262,"score":214,"percentile":263},"2025-11-21",0.81629,{"date":265,"score":214,"percentile":266},"2025-11-22",0.81634,{"date":268,"score":214,"percentile":269},"2025-11-23",0.81627,{"date":271,"score":214,"percentile":272},"2025-11-24",0.81625,{"date":274,"score":214,"percentile":269},"2025-11-25",{"date":276,"score":214,"percentile":263},"2025-11-26",{"date":278,"score":214,"percentile":279},"2025-11-27",0.81636,{"date":281,"score":214,"percentile":272},"2025-11-28",{"date":283,"score":214,"percentile":284},"2025-11-29",0.81632,{"date":286,"score":214,"percentile":287},"2025-11-30",0.81638,{"date":289,"score":290,"percentile":291},"2025-12-01",0.01236,0.78702,{"date":293,"score":290,"percentile":291},"2025-12-02",{"date":295,"score":290,"percentile":296},"2025-12-03",0.78699,{"date":298,"score":214,"percentile":279},"2025-12-04",{"date":300,"score":214,"percentile":301},"2025-12-05",0.81643,{"date":303,"score":214,"percentile":301},"2025-12-06",{"date":305,"score":214,"percentile":301},"2025-12-07",{"date":307,"score":214,"percentile":308},"2025-12-08",0.81646,{"date":310,"score":214,"percentile":311},"2025-12-09",0.81663,{"date":313,"score":214,"percentile":314},"2025-12-10",0.8169,{"date":316,"score":214,"percentile":317},"2025-12-11",0.817,{"date":319,"score":214,"percentile":320},"2025-12-12",0.81711,{"date":322,"score":214,"percentile":320},"2025-12-13",{"date":324,"score":214,"percentile":325},"2025-12-14",0.81708,{"date":327,"score":214,"percentile":328},"2025-12-15",0.81705,{"date":330,"score":214,"percentile":331},"2025-12-16",0.81716,{"date":333,"score":214,"percentile":334},"2025-12-17",0.81723,{"date":336,"score":214,"percentile":337},"2025-12-18",0.81736,{"date":339,"score":214,"percentile":340},"2025-12-19",0.8174,{"date":342,"score":214,"percentile":343},"2025-12-20",0.81734,{"date":345,"score":214,"percentile":346},"2025-12-21",0.81731,{"date":348,"score":214,"percentile":349},"2025-12-22",0.81727,{"date":351,"score":214,"percentile":346},"2025-12-23",{"date":353,"score":214,"percentile":354},"2025-12-24",0.81741,{"date":356,"score":214,"percentile":357},"2025-12-25",0.81757,{"date":359,"score":214,"percentile":360},"2025-12-26",0.81756,{"date":362,"score":214,"percentile":363},"2025-12-27",0.81788,{"date":365,"score":214,"percentile":354},"2025-12-28",{"date":367,"score":214,"percentile":368},"2025-12-29",0.81737,{"date":370,"score":214,"percentile":371},"2025-12-30",0.81746,{"date":373,"score":214,"percentile":374},"2025-12-31",0.8176,{"date":376,"score":290,"percentile":377},"2026-01-01",0.78861,{"date":379,"score":290,"percentile":377},"2026-01-02",{"date":381,"score":290,"percentile":382},"2026-01-03",0.78856,{"date":384,"score":214,"percentile":385},"2026-01-04",0.81739,{"date":387,"score":214,"percentile":388},"2026-01-05",0.81735,{"date":390,"score":214,"percentile":340},"2026-01-06",{"date":392,"score":214,"percentile":393},"2026-01-07",0.81742,{"date":395,"score":214,"percentile":396},"2026-01-08",0.81751,{"date":398,"score":214,"percentile":399},"2026-01-09",0.81752,{"date":401,"score":214,"percentile":399},"2026-01-10",{"date":403,"score":214,"percentile":371},"2026-01-11",{"date":405,"score":214,"percentile":340},"2026-01-12",{"date":407,"score":214,"percentile":368},"2026-01-13",{"date":409,"score":214,"percentile":374},"2026-01-14",{"date":411,"score":214,"percentile":412},"2026-01-15",0.81758,{"date":414,"score":214,"percentile":415},"2026-01-16",0.81767,{"date":417,"score":214,"percentile":418},"2026-01-17",0.8177,{"date":420,"score":214,"percentile":421},"2026-01-18",0.81764,{"date":423,"score":214,"percentile":357},"2026-01-19",{"date":425,"score":426,"percentile":427},"2026-01-20",0.01247,0.78873,{"date":429,"score":426,"percentile":430},"2026-01-21",0.78878,{"date":432,"score":426,"percentile":433},"2026-01-22",0.78887,{"date":435,"score":426,"percentile":436},"2026-01-23",0.78915,{"date":438,"score":426,"percentile":439},"2026-01-24",0.78925,{"date":441,"score":442,"percentile":443},"2026-01-25",0.01732,0.82047,{"date":445,"score":442,"percentile":446},"2026-01-26",0.82045,{"date":448,"score":442,"percentile":449},"2026-01-27",0.82043,{"date":451,"score":442,"percentile":449},"2026-01-28",{"date":453,"score":442,"percentile":446},"2026-01-29",{"date":455,"score":456,"percentile":457},"2026-01-30",0.02022,0.83362,{"date":459,"score":456,"percentile":460},"2026-01-31",0.8337,{"date":462,"score":463,"percentile":464},"2026-02-01",0.00942,0.75948,[466],{"source":61,"cvss_v2_0":467,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":59,"baseSeverity":9,"vectorString":62,"impactScore":468,"exploitabilityScore":469},6.4,8.6,{"baseScore":471,"baseSeverity":472,"vectorString":473,"impactScore":474,"exploitabilityScore":475},5.9,"MEDIUM","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",6,5.6,[477,490,497,507,514,520,527,535,544],{"ecosystem":9,"name":478,"vendor":479,"product":480,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"ubuntu linux","canonical","ubuntu_linux","o",[483,486,488],{"version":484,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.04","cpe",{"version":487,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.10",{"version":489,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.04",{"ecosystem":9,"name":491,"vendor":492,"product":493,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"debian linux","debian","debian_linux",[495],{"version":496,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"ecosystem":9,"name":498,"vendor":499,"product":498,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"firefox","mozilla","a",[502],{"version":503,"is_range":504,"range_type":485,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":506,"fixed_in":9},"lt3.0.13",true,"3.0.13","excluding",{"ecosystem":9,"name":508,"vendor":499,"product":509,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":510},"network security services","network_security_services",[511],{"version":512,"is_range":504,"range_type":485,"version_start":9,"version_start_type":9,"version_end":513,"version_end_type":506,"fixed_in":9},"lt3.12.3","3.12.3",{"ecosystem":9,"name":515,"vendor":499,"product":515,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":516},"seamonkey",[517],{"version":518,"is_range":504,"range_type":485,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":506,"fixed_in":9},"lt1.1.18","1.1.18",{"ecosystem":9,"name":521,"vendor":499,"product":522,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":523},"Thunderbird","thunderbird",[524],{"version":525,"is_range":504,"range_type":485,"version_start":9,"version_start_type":9,"version_end":526,"version_end_type":506,"fixed_in":9},"lt2.0.0.23","2.0.0.23",{"ecosystem":9,"name":528,"vendor":528,"product":528,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"opensuse",[530],{"version":531,"is_range":504,"range_type":485,"version_start":532,"version_start_type":533,"version_end":534,"version_end_type":533,"fixed_in":9},"gte10.3_lte11.1","10.3","including","11.1",{"ecosystem":9,"name":536,"vendor":537,"product":538,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"linux enterprise","suse","linux_enterprise",[540,542],{"version":541,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"version":543,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":545,"vendor":537,"product":546,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":547},"linux enterprise server","linux_enterprise_server",[548],{"version":549,"is_range":55,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9"]