{"id":"UBUNTU-CVE-2009-3720","details":"The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.","modified":"2026-05-28T04:15:06.502494074Z","published":"2009-11-03T00:00:00Z","related":["USN-890-1","USN-890-2","USN-890-3","USN-890-4","USN-890-5","USN-890-6"],"upstream":["CVE-2009-3720"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2009-3720"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-2"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-3"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-4"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-5"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-890-6"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2009-3720"}],"affected":[{"package":{"name":"coin3","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=esm-infra-legacy%2Ftrusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.4~abc9f50-3","3.1.4~abc9f50-4","3.1.4~abc9f50-4ubuntu2","3.1.4~abc9f50-4ubuntu2+esm1","3.1.4~abc9f50-4ubuntu2+esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.1.4~abc9f50-4ubuntu2+esm2","binary_name":"libcoin80"},{"binary_version":"3.1.4~abc9f50-4ubuntu2+esm2","binary_name":"libcoin80-runtime"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cableswig","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/cableswig?arch=source&distro=esm-apps-legacy%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.1.0+git20150808-1","0.1.0+git20150808-2","0.1.0+git20150808-2ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.1.0+git20150808-2ubuntu0.1~esm1","binary_name":"cableswig"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.23.3-2ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.23.3-2ubuntu2","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.4~abc9f50+dfsg1-1","3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1","3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm2","binary_name":"libcoin80-runtime"},{"binary_version":"3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm2","binary_name":"libcoin80v5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"insighttoolkit","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/insighttoolkit?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.20.1+git20120521-6","3.20.1+git20120521-6build1","3.20.1+git20120521-6ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.20.1+git20120521-6ubuntu0.1~esm1","binary_name":"insighttoolkit3-examples"},{"binary_version":"3.20.1+git20120521-6ubuntu0.1~esm1","binary_name":"libinsighttoolkit3.20"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds1-5"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds1-5","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-4","2.4.7-4build1","2.4.7-4ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-4ubuntu0.1~esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.23.3-2ubuntu3"],"ecosystem_specific":{"binaries":[{"binary_version":"0.23.3-2ubuntu3","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.4~abc9f50+dfsg1-2","3.1.4~abc9f50+dfsg2-1","3.1.4~abc9f50+dfsg3-1","3.1.4~abc9f50+dfsg3-2","3.1.4~abc9f50+dfsg3-2ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.1.4~abc9f50+dfsg3-2ubuntu0.1~esm1","binary_name":"libcoin80-runtime"},{"binary_version":"3.1.4~abc9f50+dfsg3-2ubuntu0.1~esm1","binary_name":"libcoin80v5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds1-5build1","0.13+ds1-6"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds1-6","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-5ubuntu1","2.4.7-5ubuntu1+esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-5ubuntu1+esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.23.3-2.1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.23.3-2.1build1","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.0~CMake~6f54f1602475+ds1-3","4.0.0+ds-1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.0+ds-1build1","binary_name":"libcoin-runtime"},{"binary_version":"4.0.0+ds-1build1","binary_name":"libcoin80c"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds1-6","0.13+ds2-1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds2-1","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-6build1","2.4.7-6build2","2.4.7-6ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-6ubuntu0.1~esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.23.3-2.1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.23.3-2.1build1","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.0+ds-1build1","4.0.0+ds-2"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.0+ds-2","binary_name":"libcoin-runtime"},{"binary_version":"4.0.0+ds-2","binary_name":"libcoin80c"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds2-1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds2-1","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-6build3","2.4.7-6.1","2.4.7-6.1build1","2.4.7-6.1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-6.1ubuntu0.1~esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.24+dfsg-2","0.24+dfsg-3","0.24+dfsg-3build1","0.24+dfsg-3build2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.24+dfsg-3build2","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.0+ds-5","4.0.2+ds-1","4.0.2+ds-1.1ubuntu1","4.0.2+ds-1.1ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.2+ds-1.1ubuntu2","binary_name":"libcoin-runtime"},{"binary_version":"4.0.2+ds-1.1ubuntu2","binary_name":"libcoin80t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds2-1","0.13+ds2-1build1","0.13+ds2-1build2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds2-1build2","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-6.2","2.4.7-6.2build1","2.4.7-6.2build2","2.4.7-6.2build3","2.4.7-6.2ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-6.2ubuntu0.1~esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.26+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.26+dfsg-2","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.3+ds-2"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.3+ds-2","binary_name":"libcoin-runtime"},{"binary_version":"4.0.3+ds-2","binary_name":"libcoin80t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds2-2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds2-2","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"sitecopy","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/sitecopy?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.16.6-16","1:0.16.6-16build1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.16.6-16build1","binary_name":"sitecopy"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-6.3","2.4.7-6.3build1","2.4.7-7"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-7","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"cadaver","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/cadaver?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.26+dfsg-2","0.28+dfsg-1","0.28+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_version":"0.28+dfsg-2","binary_name":"cadaver"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"coin3","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/coin3?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.3+ds-2","4.0.6+ds-1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.6+ds-1","binary_name":"libcoin-runtime"},{"binary_version":"4.0.6+ds-1","binary_name":"libcoin80t64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"matanza","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/matanza?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.13+ds2-2","0.13+ds2-2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.13+ds2-2build1","binary_name":"matanza"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"paraview","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/paraview?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.13.2+dfsg-3","5.13.2+dfsg-3ubuntu1","5.13.2+dfsg-3.1","6.0.1+dfsg1-6ubuntu1","6.0.1+dfsg1-7"],"ecosystem_specific":{"binaries":[{"binary_version":"6.0.1+dfsg1-7","binary_name":"paraview"},{"binary_version":"6.0.1+dfsg1-7","binary_name":"python3-paraview"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"sitecopy","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/sitecopy?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.16.6-16build1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:0.16.6-16build1","binary_name":"sitecopy"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}},{"package":{"name":"swish-e","ecosystem":"Ubuntu:Pro:26.04:LTS","purl":"pkg:deb/ubuntu/swish-e?arch=source&distro=esm-apps%2Fresolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.7-7","2.4.7-7.1","2.4.7-7.1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.4.7-7.1ubuntu0.1~esm1","binary_name":"swish-e"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2009/UBUNTU-CVE-2009-3720.json"}}],"schema_version":"1.7.5","severity":[{"type":"Ubuntu","score":"low"}]}