How severe is CVE-2009-2475?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2009-2475?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2009-2475

HIGH Year: 2009

CVSS v2 Score

7.8

High

Weakness Type

CWE-200

View all →

Vulnerability Description

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.

CVE-2024-32037

NONE

CVSS:0.0(None)

GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch softw...

CWE-2002024

CVE-2017-2320

CRITICAL

CVSS:10.0(Critical)

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials o...

CWE-2002017

CVE-2019-5016

CRITICAL

CVSS:10.0(Critical)

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potenti...

CWE-2002019

CVE-2020-13702

CRITICAL

CVSS:10.0(Critical)

The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary tempora...

CWE-2002020

CVE-2022-29165

CRITICAL

CVSS:10.0(Critical)

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2...

CWE-2002022

CVE-2025-22612

CRITICAL

CVSS:10.0(Critical)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve ...

CWE-2002025

CVE-2009-2475

Vulnerability Description

Related Vulnerabilities

CVE-2024-32037

CVE-2017-2320

CVE-2019-5016

CVE-2020-13702

CVE-2022-29165

CVE-2025-22612