[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2009-2625":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":19,"related":20,"reserved_at":9,"published_at":21,"modified_at":22,"state":9,"summary":23,"references_raw":25,"kevs":32,"epss":9,"epss_history":33,"metrics":34,"affected":35},"DEBIAN-CVE-2009-2625","XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",null,[],[],[],[14],{"_key":15},"CVE-2009-2625",[17],{"_key":18},"DSA-1984-1",[],[],"2009-08-06T15:30:00.327Z","2026-04-28T20:04:23.064026Z",{"cisa_kev":24,"cisa_ransomware":24,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[26],{"url":27,"sources":28,"tags":30},"https://security-tracker.debian.org/tracker/CVE-2009-2625",[29],"osv_debian",[31],"Advisory",[],[],[],[36],{"ecosystem":37,"name":38,"vendor":39,"product":38,"cpe_part":9,"purl_type":40,"purl_namespace":39,"purl_name":38,"source":9,"versions":41},"Debian","libxerces2-java","debian","deb",[42,48,49,50],{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},"lt2_9_1_4_1",true,"ecosystem","2.9.1-4.1","excluding",{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},{"version":43,"is_range":44,"range_type":45,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9}]