[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-11035":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":33,"duplicate_of":9,"upstream":34,"downstream":35,"duplicates":70,"related":71,"reserved_at":9,"published_at":81,"modified_at":82,"state":83,"summary":84,"references_raw":92,"kevs":162,"epss":163,"epss_history":166,"metrics":423,"affected":441},"CVE-2019-11035","When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_4CF2C3EEC96950C3","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=77831","unknown",0.2,false,[],[],[],[36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":37},"SUSE-SU-2019:1325-1",{"_key":39},"SUSE-SU-2019:1360-1",{"_key":41},"SUSE-SU-2019:1365-1",{"_key":43},"SUSE-SU-2019:1461-1",{"_key":45},"SUSE-SU-2022:4067-1",{"_key":47},"OPENSUSE-SU-2019:1572-1",{"_key":49},"OPENSUSE-SU-2019:1573-1",{"_key":51},"OPENSUSE-SU-2024:11167-1",{"_key":53},"OPENSUSE-SU-2024:11169-1",{"_key":55},"RHSA-2020:1624",{"_key":57},"DLA-1803-1",{"_key":59},"DSA-4529-1",{"_key":61},"UBUNTU-CVE-2019-11035",{"_key":63},"USN-3953-1",{"_key":65},"USN-3953-2",{"_key":67},"RHSA-2019:2519",{"_key":69},"RHSA-2019:3299",[],[72,73,74,75,76,77,78,79,80],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},"2019-04-18T16:57:00.996Z","2024-09-17T03:43:08.668Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":85,"epss_score":86,"severity":87,"severity_score":88,"severity_version":89,"severity_source":90,"severity_vector":91,"severity_status":83},"low",0.02968,"critical",9.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",[93,101,107,111,117,121,126,131,135,139,143,148,153,158],{"url":28,"sources":94,"tags":96},[95,90],"cve.org",[97,98,99,100],"X Refsource MISC","Exploit","Mailing List","Vendor Advisory",{"url":102,"sources":103,"tags":104},"https://usn.ubuntu.com/3953-1/",[95,90],[100,105,106],"X Refsource UBUNTU","Third Party Advisory",{"url":108,"sources":109,"tags":110},"https://usn.ubuntu.com/3953-2/",[95,90],[100,105,106],{"url":112,"sources":113,"tags":114},"https://security.netapp.com/advisory/ntap-20190502-0001/",[95,90],[115,116,106],"X Refsource CONFIRM","Patch",{"url":118,"sources":119,"tags":120},"https://support.f5.com/csp/article/K44590877",[95,90],[115,106],{"url":122,"sources":123,"tags":124},"https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html",[95,90],[99,125,106],"X Refsource MLIST",{"url":127,"sources":128,"tags":129},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html",[95,90],[100,130,99,106],"X Refsource SUSE",{"url":132,"sources":133,"tags":134},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",[95,90],[100,130,99,106],{"url":136,"sources":137,"tags":138},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",[95,90],[100,130,99,106],{"url":140,"sources":141,"tags":142},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",[95,90],[100,130,99,106],{"url":144,"sources":145,"tags":146},"https://access.redhat.com/errata/RHSA-2019:2519",[95,90],[100,147,106],"X Refsource REDHAT",{"url":149,"sources":150,"tags":151},"https://www.debian.org/security/2019/dsa-4529",[95,90],[100,152,106],"X Refsource DEBIAN",{"url":154,"sources":155,"tags":156},"https://seclists.org/bugtraq/2019/Sep/38",[95,90],[99,157,106],"X Refsource BUGTRAQ",{"url":159,"sources":160,"tags":161},"https://access.redhat.com/errata/RHSA-2019:3299",[95,90],[100,147,106],[],{"date":164,"score":86,"percentile":165},"2026-06-04",0.86761,[167,171,174,177,180,183,186,188,191,194,197,200,203,205,207,211,214,217,220,223,226,229,231,233,235,237,240,243,246,249,251,254,257,260,263,266,269,272,275,278,281,284,287,289,292,295,298,300,303,306,309,312,315,319,323,326,329,332,335,338,341,343,346,349,352,355,358,360,363,365,367,370,372,374,377,380,383,385,388,391,394,397,400,403,406,409,412,415,418,420],{"date":168,"score":169,"percentile":170},"2025-11-04",0.03594,0.87255,{"date":172,"score":169,"percentile":173},"2025-11-05",0.87257,{"date":175,"score":169,"percentile":176},"2025-11-06",0.87254,{"date":178,"score":169,"percentile":179},"2025-11-07",0.87261,{"date":181,"score":169,"percentile":182},"2025-11-08",0.87265,{"date":184,"score":169,"percentile":185},"2025-11-09",0.87259,{"date":187,"score":169,"percentile":185},"2025-11-10",{"date":189,"score":169,"percentile":190},"2025-11-11",0.87264,{"date":192,"score":169,"percentile":193},"2025-11-12",0.87269,{"date":195,"score":169,"percentile":196},"2025-11-13",0.87274,{"date":198,"score":169,"percentile":199},"2025-11-14",0.87276,{"date":201,"score":169,"percentile":202},"2025-11-15",0.87272,{"date":204,"score":169,"percentile":199},"2025-11-16",{"date":206,"score":169,"percentile":202},"2025-11-17",{"date":208,"score":209,"percentile":210},"2025-11-18",0.10411,0.92453,{"date":212,"score":209,"percentile":213},"2025-11-19",0.92456,{"date":215,"score":209,"percentile":216},"2025-11-20",0.92461,{"date":218,"score":169,"percentile":219},"2025-11-21",0.87282,{"date":221,"score":169,"percentile":222},"2025-11-22",0.87277,{"date":224,"score":169,"percentile":225},"2025-11-23",0.87273,{"date":227,"score":169,"percentile":228},"2025-11-24",0.87275,{"date":230,"score":169,"percentile":228},"2025-11-25",{"date":232,"score":169,"percentile":196},"2025-11-26",{"date":234,"score":169,"percentile":199},"2025-11-27",{"date":236,"score":169,"percentile":190},"2025-11-28",{"date":238,"score":169,"percentile":239},"2025-11-29",0.87338,{"date":241,"score":169,"percentile":242},"2025-11-30",0.87337,{"date":244,"score":169,"percentile":245},"2025-12-01",0.87401,{"date":247,"score":169,"percentile":248},"2025-12-02",0.87402,{"date":250,"score":169,"percentile":245},"2025-12-03",{"date":252,"score":169,"percentile":253},"2025-12-04",0.87335,{"date":255,"score":169,"percentile":256},"2025-12-05",0.87339,{"date":258,"score":169,"percentile":259},"2025-12-06",0.87336,{"date":261,"score":169,"percentile":262},"2025-12-07",0.8733,{"date":264,"score":169,"percentile":265},"2025-12-08",0.87331,{"date":267,"score":169,"percentile":268},"2025-12-09",0.87343,{"date":270,"score":169,"percentile":271},"2025-12-10",0.8736,{"date":273,"score":169,"percentile":274},"2025-12-11",0.87366,{"date":276,"score":169,"percentile":277},"2025-12-12",0.8737,{"date":279,"score":169,"percentile":280},"2025-12-13",0.87369,{"date":282,"score":169,"percentile":283},"2025-12-14",0.87363,{"date":285,"score":169,"percentile":286},"2025-12-15",0.87361,{"date":288,"score":169,"percentile":280},"2025-12-16",{"date":290,"score":169,"percentile":291},"2025-12-17",0.87374,{"date":293,"score":169,"percentile":294},"2025-12-18",0.87382,{"date":296,"score":169,"percentile":297},"2025-12-19",0.87383,{"date":299,"score":169,"percentile":294},"2025-12-20",{"date":301,"score":169,"percentile":302},"2025-12-21",0.87387,{"date":304,"score":169,"percentile":305},"2025-12-22",0.87388,{"date":307,"score":169,"percentile":308},"2025-12-23",0.87389,{"date":310,"score":169,"percentile":311},"2025-12-24",0.87398,{"date":313,"score":169,"percentile":314},"2025-12-25",0.8741,{"date":316,"score":317,"percentile":318},"2025-12-26",0.03024,0.86218,{"date":320,"score":321,"percentile":322},"2025-12-27",0.02016,0.83322,{"date":324,"score":317,"percentile":325},"2025-12-28",0.8621,{"date":327,"score":317,"percentile":328},"2025-12-29",0.86204,{"date":330,"score":317,"percentile":331},"2025-12-30",0.86212,{"date":333,"score":317,"percentile":334},"2025-12-31",0.8622,{"date":336,"score":317,"percentile":337},"2026-01-01",0.86279,{"date":339,"score":317,"percentile":340},"2026-01-02",0.86282,{"date":342,"score":317,"percentile":340},"2026-01-03",{"date":344,"score":317,"percentile":345},"2026-01-04",0.86223,{"date":347,"score":317,"percentile":348},"2026-01-05",0.86219,{"date":350,"score":317,"percentile":351},"2026-01-06",0.86221,{"date":353,"score":317,"percentile":354},"2026-01-07",0.86222,{"date":356,"score":317,"percentile":357},"2026-01-08",0.86232,{"date":359,"score":317,"percentile":357},"2026-01-09",{"date":361,"score":317,"percentile":362},"2026-01-10",0.86229,{"date":364,"score":317,"percentile":354},"2026-01-11",{"date":366,"score":317,"percentile":348},"2026-01-12",{"date":368,"score":317,"percentile":369},"2026-01-13",0.86215,{"date":371,"score":317,"percentile":362},"2026-01-14",{"date":373,"score":317,"percentile":362},"2026-01-15",{"date":375,"score":317,"percentile":376},"2026-01-16",0.86234,{"date":378,"score":317,"percentile":379},"2026-01-17",0.86238,{"date":381,"score":317,"percentile":382},"2026-01-18",0.8624,{"date":384,"score":317,"percentile":376},"2026-01-19",{"date":386,"score":317,"percentile":387},"2026-01-20",0.86228,{"date":389,"score":317,"percentile":390},"2026-01-21",0.86235,{"date":392,"score":317,"percentile":393},"2026-01-22",0.86241,{"date":395,"score":317,"percentile":396},"2026-01-23",0.86257,{"date":398,"score":317,"percentile":399},"2026-01-24",0.86264,{"date":401,"score":317,"percentile":402},"2026-01-25",0.8626,{"date":404,"score":317,"percentile":405},"2026-01-26",0.86258,{"date":407,"score":317,"percentile":408},"2026-01-27",0.86263,{"date":410,"score":317,"percentile":411},"2026-01-28",0.86265,{"date":413,"score":317,"percentile":414},"2026-01-29",0.86268,{"date":416,"score":317,"percentile":417},"2026-01-30",0.86272,{"date":419,"score":317,"percentile":417},"2026-01-31",{"date":421,"score":86,"percentile":422},"2026-02-01",0.86203,[424,431],{"source":95,"cvss_v2_0":9,"cvss_v3_0":425,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":426,"baseSeverity":427,"vectorString":428,"impactScore":429,"exploitabilityScore":430},4.8,"MEDIUM","CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",4.2,5.6,{"source":90,"cvss_v2_0":432,"cvss_v3_0":437,"cvss_v3_1":438,"cvss_v4_0":9},{"baseScore":433,"baseSeverity":9,"vectorString":434,"impactScore":435,"exploitabilityScore":436},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,10,{"baseScore":426,"baseSeverity":427,"vectorString":428,"impactScore":429,"exploitabilityScore":430},{"baseScore":88,"baseSeverity":439,"vectorString":91,"impactScore":440,"exploitabilityScore":436},"CRITICAL",8.7,[442,461,470,478,488,506,517],{"ecosystem":9,"name":443,"vendor":444,"product":445,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":447},"ubuntu linux","canonical","ubuntu_linux","o",[448,451,453,455,457,459],{"version":449,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":452,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":454,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":456,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":458,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"version":460,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.04",{"ecosystem":9,"name":462,"vendor":463,"product":464,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":465},"debian linux","debian","debian_linux",[466,468],{"version":467,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":469,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":471,"vendor":472,"product":473,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":475},"storage automation store","netapp","storage_automation_store","a",[476],{"version":477,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":479,"vendor":480,"product":479,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"leap","opensuse",[482,484,486],{"version":483,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":485,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":487,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":489,"vendor":9,"product":489,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"PHP",[491,498,502],{"version":492,"is_range":493,"range_type":95,"version_start":494,"version_start_type":495,"version_end":496,"version_end_type":497,"fixed_in":9},">= 7.1.x, \u003C 7.1.28",true,"7.1.x","including","7.1.28","excluding",{"version":499,"is_range":493,"range_type":95,"version_start":500,"version_start_type":495,"version_end":501,"version_end_type":497,"fixed_in":9},">= 7.2.x, \u003C 7.2.17","7.2.x","7.2.17",{"version":503,"is_range":493,"range_type":95,"version_start":504,"version_start_type":495,"version_end":505,"version_end_type":497,"fixed_in":9},">= 7.3.x, \u003C 7.3.4","7.3.x","7.3.4",{"ecosystem":9,"name":489,"vendor":9,"product":489,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":507},[508,511,514],{"version":509,"is_range":493,"range_type":450,"version_start":510,"version_start_type":495,"version_end":496,"version_end_type":497,"fixed_in":9},"gte7.1.0_lt7.1.28","7.1.0",{"version":512,"is_range":493,"range_type":450,"version_start":513,"version_start_type":495,"version_end":501,"version_end_type":497,"fixed_in":9},"gte7.2.9_lt7.2.17","7.2.9",{"version":515,"is_range":493,"range_type":450,"version_start":516,"version_start_type":495,"version_end":505,"version_end_type":497,"fixed_in":9},"gte7.3.0_lt7.3.4","7.3.0",{"ecosystem":9,"name":518,"vendor":519,"product":520,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"software collections","redhat","software_collections",[522],{"version":523,"is_range":31,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0"]