[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2014-9709":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":78,"duplicate_of":9,"upstream":79,"downstream":80,"duplicates":107,"related":108,"reserved_at":9,"published_at":113,"modified_at":114,"state":115,"summary":116,"references_raw":123,"kevs":233,"epss":234,"epss_history":237,"metrics":491,"affected":496},"CVE-2014-9709","The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":9,"platforms":77,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_A5E7ECA3B4F5CA4C","Exploit Reference (php.net)","reference","http://php.net/ChangeLog-5.php","unknown",0.2,false,[],[],[],[81,83,85,87,89,91,93,95,97,99,101,103,105],{"_key":82},"RHSA-2015:1053",{"_key":84},"RHSA-2015:1066",{"_key":86},"RHSA-2015:1135",{"_key":88},"RHSA-2015:1218",{"_key":90},"SUSE-SU-2015:0866-1",{"_key":92},"SUSE-SU-2015:0868-1",{"_key":94},"SUSE-SU-2016:1638-1",{"_key":96},"SUSE-SU-2023:0072-1",{"_key":98},"DLA-189-1",{"_key":100},"DSA-3215-1",{"_key":102},"UBUNTU-CVE-2014-9709",{"_key":104},"USN-2987-1",{"_key":106},"DEBIAN-CVE-2014-9709",[],[109,110,111,112],{"_key":90},{"_key":92},{"_key":94},{"_key":96},"2015-03-30T10:00:00.000Z","2024-08-06T13:55:04.341Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":117,"epss_score":118,"severity":117,"severity_score":119,"severity_version":120,"severity_source":121,"severity_vector":122,"severity_status":115},"medium",0.12088,5,"v2.0","nvd","AV:N/AC:L/Au:N/C:N/I:N/A:P",[124,132,138,144,150,155,159,163,168,172,177,181,185,190,194,199,204,209,213,217,221,225,229],{"url":125,"sources":126,"tags":128},"http://www.mandriva.com/security/advisories?name=MDVSA-2015:153",[127,121],"cve.org",[129,130,131],"Vendor Advisory","X Refsource MANDRIVA","Third Party Advisory",{"url":133,"sources":134,"tags":135},"https://bugzilla.redhat.com/show_bug.cgi?id=1188639",[127,121],[136,137,131],"X Refsource CONFIRM","Issue Tracking",{"url":139,"sources":140,"tags":141},"http://www.securitytracker.com/id/1033703",[127,121],[142,143,131],"VDB Entry","X Refsource SECTRACK",{"url":145,"sources":146,"tags":147},"http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html",[127,121],[129,148,149,131],"X Refsource SUSE","Mailing List",{"url":151,"sources":152,"tags":153},"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html",[127,121],[129,154,149,131],"X Refsource APPLE",{"url":156,"sources":157,"tags":158},"https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43",[127,121],[136,131],{"url":160,"sources":161,"tags":162},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[127,121],[136,131],{"url":164,"sources":165,"tags":166},"http://marc.info/?l=bugtraq&m=143403519711434&w=2",[127,121],[129,167,149,131],"X Refsource HP",{"url":73,"sources":169,"tags":170},[127,121],[136,171,129],"Exploit",{"url":173,"sources":174,"tags":175},"http://www.debian.org/security/2015/dsa-3215",[127,121],[129,176,131],"X Refsource DEBIAN",{"url":178,"sources":179,"tags":180},"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html",[127,121],[129,148,149,131],{"url":182,"sources":183,"tags":184},"https://support.apple.com/HT205267",[127,121],[136,131],{"url":186,"sources":187,"tags":188},"https://security.gentoo.org/glsa/201607-04",[127,121],[129,189,131],"X Refsource GENTOO",{"url":191,"sources":192,"tags":193},"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",[127,121],[136,131],{"url":195,"sources":196,"tags":197},"http://www.ubuntu.com/usn/USN-2987-1",[127,121],[129,198,131],"X Refsource UBUNTU",{"url":200,"sources":201,"tags":202},"http://www.securityfocus.com/bid/73306",[127,121],[142,203,131],"X Refsource BID",{"url":205,"sources":206,"tags":207},"http://rhn.redhat.com/errata/RHSA-2015-1135.html",[127,121],[129,208,131],"X Refsource REDHAT",{"url":210,"sources":211,"tags":212},"https://bugs.php.net/bug.php?id=68601",[127,121],[136,129],{"url":214,"sources":215,"tags":216},"http://rhn.redhat.com/errata/RHSA-2015-1053.html",[127,121],[129,208,131],{"url":218,"sources":219,"tags":220},"http://advisories.mageia.org/MGASA-2015-0040.html",[127,121],[136,131],{"url":222,"sources":223,"tags":224},"https://security.gentoo.org/glsa/201606-10",[127,121],[129,189,131],{"url":226,"sources":227,"tags":228},"http://rhn.redhat.com/errata/RHSA-2015-1066.html",[127,121],[129,208,131],{"url":230,"sources":231,"tags":232},"http://rhn.redhat.com/errata/RHSA-2015-1218.html",[127,121],[129,208,131],[],{"date":235,"score":118,"percentile":236},"2026-06-04",0.93926,[238,242,245,247,250,253,256,258,261,264,267,270,273,275,278,281,284,287,290,293,296,299,302,305,308,311,314,316,320,323,325,327,329,331,334,337,340,343,346,349,351,353,356,359,362,365,368,371,374,377,379,382,385,388,392,394,396,398,401,404,407,410,413,416,418,420,422,424,427,429,432,435,439,442,445,448,450,453,455,458,461,464,467,470,473,476,479,482,484,487],{"date":239,"score":240,"percentile":241},"2025-11-04",0.15311,0.94328,{"date":243,"score":240,"percentile":244},"2025-11-05",0.94327,{"date":246,"score":240,"percentile":241},"2025-11-06",{"date":248,"score":240,"percentile":249},"2025-11-07",0.94332,{"date":251,"score":240,"percentile":252},"2025-11-08",0.94333,{"date":254,"score":240,"percentile":255},"2025-11-09",0.94331,{"date":257,"score":240,"percentile":249},"2025-11-10",{"date":259,"score":240,"percentile":260},"2025-11-11",0.94334,{"date":262,"score":240,"percentile":263},"2025-11-12",0.94339,{"date":265,"score":240,"percentile":266},"2025-11-13",0.9434,{"date":268,"score":240,"percentile":269},"2025-11-14",0.94342,{"date":271,"score":240,"percentile":272},"2025-11-15",0.94338,{"date":274,"score":240,"percentile":269},"2025-11-16",{"date":276,"score":240,"percentile":277},"2025-11-17",0.94341,{"date":279,"score":240,"percentile":280},"2025-11-18",0.94056,{"date":282,"score":240,"percentile":283},"2025-11-19",0.9406,{"date":285,"score":240,"percentile":286},"2025-11-20",0.94064,{"date":288,"score":240,"percentile":289},"2025-11-21",0.9435,{"date":291,"score":240,"percentile":292},"2025-11-22",0.94348,{"date":294,"score":240,"percentile":295},"2025-11-23",0.94351,{"date":297,"score":240,"percentile":298},"2025-11-24",0.94353,{"date":300,"score":240,"percentile":301},"2025-11-25",0.94356,{"date":303,"score":240,"percentile":304},"2025-11-26",0.94357,{"date":306,"score":240,"percentile":307},"2025-11-27",0.94359,{"date":309,"score":240,"percentile":310},"2025-11-28",0.94355,{"date":312,"score":240,"percentile":313},"2025-11-29",0.94358,{"date":315,"score":240,"percentile":304},"2025-11-30",{"date":317,"score":318,"percentile":319},"2025-12-01",0.07108,0.91232,{"date":321,"score":318,"percentile":322},"2025-12-02",0.9123,{"date":324,"score":318,"percentile":322},"2025-12-03",{"date":326,"score":240,"percentile":301},"2025-12-04",{"date":328,"score":240,"percentile":307},"2025-12-05",{"date":330,"score":240,"percentile":313},"2025-12-06",{"date":332,"score":240,"percentile":333},"2025-12-07",0.94363,{"date":335,"score":240,"percentile":336},"2025-12-08",0.94364,{"date":338,"score":240,"percentile":339},"2025-12-09",0.94369,{"date":341,"score":240,"percentile":342},"2025-12-10",0.94376,{"date":344,"score":240,"percentile":345},"2025-12-11",0.9438,{"date":347,"score":240,"percentile":348},"2025-12-12",0.94381,{"date":350,"score":240,"percentile":348},"2025-12-13",{"date":352,"score":240,"percentile":345},"2025-12-14",{"date":354,"score":240,"percentile":355},"2025-12-15",0.94384,{"date":357,"score":240,"percentile":358},"2025-12-16",0.94386,{"date":360,"score":240,"percentile":361},"2025-12-17",0.94388,{"date":363,"score":240,"percentile":364},"2025-12-18",0.94391,{"date":366,"score":240,"percentile":367},"2025-12-19",0.94393,{"date":369,"score":240,"percentile":370},"2025-12-20",0.94394,{"date":372,"score":240,"percentile":373},"2025-12-21",0.94399,{"date":375,"score":240,"percentile":376},"2025-12-22",0.944,{"date":378,"score":240,"percentile":373},"2025-12-23",{"date":380,"score":240,"percentile":381},"2025-12-24",0.94403,{"date":383,"score":240,"percentile":384},"2025-12-25",0.9441,{"date":386,"score":240,"percentile":387},"2025-12-26",0.94408,{"date":389,"score":390,"percentile":391},"2025-12-27",0.11671,0.93471,{"date":393,"score":240,"percentile":387},"2025-12-28",{"date":395,"score":240,"percentile":387},"2025-12-29",{"date":397,"score":240,"percentile":384},"2025-12-30",{"date":399,"score":240,"percentile":400},"2025-12-31",0.94414,{"date":402,"score":318,"percentile":403},"2026-01-01",0.91304,{"date":405,"score":318,"percentile":406},"2026-01-02",0.91299,{"date":408,"score":318,"percentile":409},"2026-01-03",0.91298,{"date":411,"score":240,"percentile":412},"2026-01-04",0.94407,{"date":414,"score":240,"percentile":415},"2026-01-05",0.94402,{"date":417,"score":240,"percentile":381},"2026-01-06",{"date":419,"score":240,"percentile":381},"2026-01-07",{"date":421,"score":240,"percentile":412},"2026-01-08",{"date":423,"score":240,"percentile":387},"2026-01-09",{"date":425,"score":240,"percentile":426},"2026-01-10",0.94409,{"date":428,"score":240,"percentile":412},"2026-01-11",{"date":430,"score":240,"percentile":431},"2026-01-12",0.94405,{"date":433,"score":240,"percentile":434},"2026-01-13",0.94406,{"date":436,"score":437,"percentile":438},"2026-01-14",0.16543,0.94689,{"date":440,"score":437,"percentile":441},"2026-01-15",0.9469,{"date":443,"score":437,"percentile":444},"2026-01-16",0.94693,{"date":446,"score":437,"percentile":447},"2026-01-17",0.94695,{"date":449,"score":437,"percentile":444},"2026-01-18",{"date":451,"score":437,"percentile":452},"2026-01-19",0.94688,{"date":454,"score":437,"percentile":444},"2026-01-20",{"date":456,"score":437,"percentile":457},"2026-01-21",0.94694,{"date":459,"score":437,"percentile":460},"2026-01-22",0.94697,{"date":462,"score":437,"percentile":463},"2026-01-23",0.94703,{"date":465,"score":437,"percentile":466},"2026-01-24",0.94707,{"date":468,"score":437,"percentile":469},"2026-01-25",0.9471,{"date":471,"score":437,"percentile":472},"2026-01-26",0.94711,{"date":474,"score":437,"percentile":475},"2026-01-27",0.94712,{"date":477,"score":437,"percentile":478},"2026-01-28",0.94714,{"date":480,"score":437,"percentile":481},"2026-01-29",0.94716,{"date":483,"score":437,"percentile":481},"2026-01-30",{"date":485,"score":437,"percentile":486},"2026-01-31",0.94718,{"date":488,"score":489,"percentile":490},"2026-02-01",0.08216,0.92031,[492],{"source":121,"cvss_v2_0":493,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":119,"baseSeverity":9,"vectorString":122,"impactScore":494,"exploitabilityScore":495},2.9,10,[497,512,521,530,537],{"ecosystem":9,"name":498,"vendor":499,"product":500,"cpe_part":501,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":502},"ubuntu linux","canonical","ubuntu_linux","o",[503,506,508,510],{"version":504,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":507,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":509,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.10",{"version":511,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":513,"vendor":514,"product":515,"cpe_part":501,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":516},"debian linux","debian","debian_linux",[517,519],{"version":518,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":520,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":522,"vendor":522,"product":522,"cpe_part":523,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"libgd","a",[525],{"version":526,"is_range":527,"range_type":505,"version_start":9,"version_start_type":9,"version_end":528,"version_end_type":529,"fixed_in":9},"lte2.1.1",true,"2.1.1","including",{"ecosystem":9,"name":531,"vendor":531,"product":531,"cpe_part":501,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":532},"opensuse",[533,535],{"version":534,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":536,"is_range":76,"range_type":505,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2",{"ecosystem":9,"name":538,"vendor":9,"product":538,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"PHP",[540,545,549],{"version":541,"is_range":527,"range_type":505,"version_start":542,"version_start_type":529,"version_end":543,"version_end_type":544,"fixed_in":9},"gte5.4.0_lt5.4.40","5.4.0","5.4.40","excluding",{"version":546,"is_range":527,"range_type":505,"version_start":547,"version_start_type":529,"version_end":548,"version_end_type":544,"fixed_in":9},"gte5.5.0_lt5.5.21","5.5.0","5.5.21",{"version":550,"is_range":527,"range_type":505,"version_start":551,"version_start_type":529,"version_end":552,"version_end_type":544,"fixed_in":9},"gte5.6.0_lt5.6.5","5.6.0","5.6.5"]