[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-11038":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":59,"duplicate_of":9,"upstream":60,"downstream":61,"duplicates":96,"related":97,"reserved_at":9,"published_at":106,"modified_at":107,"state":108,"summary":109,"references_raw":116,"kevs":200,"epss":201,"epss_history":204,"metrics":463,"affected":480},"CVE-2019-11038","When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-908","Use of Uninitialized Resource","The product uses or accesses a resource that has not been initialized.","weakness","Incomplete","Base","Medium",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":24,"abstraction":25,"likelihood_of_exploit":26,"capec":27},"CWE-457","Use of Uninitialized Variable","The code uses a variable that has not been initialized, leading to unpredictable or unintended results.","Draft","Variant","High",[],[29,38,46,50,55],{"_key":30,"name":31,"source":32,"url":33,"maturity":34,"reliability_score":35,"verified":36,"type":9,"platforms":37,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_LIBGD_LIBGD","Libgd","github","https://github.com/libgd/libgd/issues/383","poc",0.3,false,[],{"_key":39,"name":40,"source":41,"url":42,"maturity":43,"reliability_score":44,"verified":36,"type":9,"platforms":45,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C15F87CA347E9C06","Exploit Reference (bugzilla.suse.com)","reference","https://bugzilla.suse.com/show_bug.cgi?id=1140118","unknown",0.2,[],{"_key":47,"name":40,"source":41,"url":48,"maturity":43,"reliability_score":44,"verified":36,"type":9,"platforms":49,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_52B42C74D1FCDE15","https://bugzilla.suse.com/show_bug.cgi?id=1140120",[],{"_key":51,"name":52,"source":41,"url":53,"maturity":43,"reliability_score":44,"verified":36,"type":9,"platforms":54,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C3F00AF3BC24BD79","Exploit Reference (bugzilla.redhat.com)","https://bugzilla.redhat.com/show_bug.cgi?id=1724149",[],{"_key":56,"name":52,"source":41,"url":57,"maturity":43,"reliability_score":44,"verified":36,"type":9,"platforms":58,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_0884B88C24A297BB","https://bugzilla.redhat.com/show_bug.cgi?id=1724432",[],[],[],[62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94],{"_key":63},"ALPINE-CVE-2019-11038",{"_key":65},"SUSE-SU-2019:2243-1",{"_key":67},"SUSE-SU-2019:14158-1",{"_key":69},"SUSE-SU-2020:0594-1",{"_key":71},"SUSE-SU-2020:0594-2",{"_key":73},"SUSE-SU-2020:0623-1",{"_key":75},"OPENSUSE-SU-2020:0332-1",{"_key":77},"OPENSUSE-SU-2024:10777-1",{"_key":79},"DLA-1817-1",{"_key":81},"DSA-4529-1",{"_key":83},"MGASA-2020-0134",{"_key":85},"UBUNTU-CVE-2019-11038",{"_key":87},"USN-4316-1",{"_key":89},"USN-4316-2",{"_key":91},"DEBIAN-CVE-2019-11038",{"_key":93},"RHSA-2019:2519",{"_key":95},"RHSA-2019:3299",[],[98,99,100,101,102,103,104,105],{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":83},"2019-06-18T23:28:28.236Z","2024-09-16T21:04:15.889Z","Modified",{"cisa_kev":36,"cisa_ransomware":36,"cisa_vendor":9,"epss_severity":110,"epss_score":111,"severity":110,"severity_score":112,"severity_version":113,"severity_source":114,"severity_vector":115,"severity_status":108},"medium",0.1054,5.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",[117,124,128,135,140,145,149,153,156,159,163,168,173,178,182,187,191,196],{"url":118,"sources":119,"tags":121},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/",[120,114],"cve.org",[122,123],"Vendor Advisory","X Refsource FEDORA",{"url":125,"sources":126,"tags":127},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/",[120,114],[122,123],{"url":129,"sources":130,"tags":131},"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html",[120,114],[132,133,134],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":136,"sources":137,"tags":138},"https://bugs.php.net/bug.php?id=77973",[120,114],[139,122],"X Refsource CONFIRM",{"url":141,"sources":142,"tags":143},"https://github.com/libgd/libgd/issues/501",[120,114],[139,144,134],"Exploit",{"url":146,"sources":147,"tags":148},"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821",[120,114],[139,132,134],{"url":42,"sources":150,"tags":151},[120,114],[139,144,152,134],"Issue Tracking",{"url":48,"sources":154,"tags":155},[120,114],[139,144,152,134],{"url":53,"sources":157,"tags":158},[120,114],[139,144,152,134],{"url":57,"sources":160,"tags":161},[120,114],[162,144,152,134],"X Refsource MISC",{"url":164,"sources":165,"tags":166},"https://access.redhat.com/errata/RHSA-2019:2519",[120,114],[122,167,134],"X Refsource REDHAT",{"url":169,"sources":170,"tags":171},"https://www.debian.org/security/2019/dsa-4529",[120,114],[122,172,134],"X Refsource DEBIAN",{"url":174,"sources":175,"tags":176},"https://seclists.org/bugtraq/2019/Sep/38",[120,114],[132,177,134],"X Refsource BUGTRAQ",{"url":179,"sources":180,"tags":181},"https://access.redhat.com/errata/RHSA-2019:3299",[120,114],[122,167,134],{"url":183,"sources":184,"tags":185},"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html",[120,114],[122,186,132,134],"X Refsource SUSE",{"url":188,"sources":189,"tags":190},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/",[120,114],[122,123],{"url":192,"sources":193,"tags":194},"https://usn.ubuntu.com/4316-2/",[120,114],[122,195,134],"X Refsource UBUNTU",{"url":197,"sources":198,"tags":199},"https://usn.ubuntu.com/4316-1/",[120,114],[122,195,134],[],{"date":202,"score":111,"percentile":203},"2026-06-04",0.93397,[205,209,212,215,218,221,223,225,228,231,234,237,239,242,245,249,252,255,258,260,263,265,267,269,272,275,279,281,285,288,290,293,296,299,302,305,308,312,315,318,322,325,327,330,333,336,339,342,344,346,349,351,354,357,361,364,367,369,372,376,379,382,384,387,390,392,395,398,401,404,407,410,413,415,418,421,423,426,429,432,435,438,441,444,447,450,453,455,457,460],{"date":206,"score":207,"percentile":208},"2025-11-04",0.08292,0.9186,{"date":210,"score":207,"percentile":211},"2025-11-05",0.91859,{"date":213,"score":207,"percentile":214},"2025-11-06",0.91861,{"date":216,"score":207,"percentile":217},"2025-11-07",0.91863,{"date":219,"score":207,"percentile":220},"2025-11-08",0.91862,{"date":222,"score":207,"percentile":214},"2025-11-09",{"date":224,"score":207,"percentile":220},"2025-11-10",{"date":226,"score":207,"percentile":227},"2025-11-11",0.91868,{"date":229,"score":207,"percentile":230},"2025-11-12",0.91873,{"date":232,"score":207,"percentile":233},"2025-11-13",0.91875,{"date":235,"score":207,"percentile":236},"2025-11-14",0.91877,{"date":238,"score":207,"percentile":230},"2025-11-15",{"date":240,"score":207,"percentile":241},"2025-11-16",0.91881,{"date":243,"score":207,"percentile":244},"2025-11-17",0.91882,{"date":246,"score":247,"percentile":248},"2025-11-18",0.04417,0.87914,{"date":250,"score":247,"percentile":251},"2025-11-19",0.87918,{"date":253,"score":247,"percentile":254},"2025-11-20",0.87922,{"date":256,"score":207,"percentile":257},"2025-11-21",0.91892,{"date":259,"score":207,"percentile":257},"2025-11-22",{"date":261,"score":207,"percentile":262},"2025-11-23",0.91898,{"date":264,"score":207,"percentile":262},"2025-11-24",{"date":266,"score":207,"percentile":262},"2025-11-25",{"date":268,"score":207,"percentile":262},"2025-11-26",{"date":270,"score":207,"percentile":271},"2025-11-27",0.91896,{"date":273,"score":207,"percentile":274},"2025-11-28",0.91887,{"date":276,"score":277,"percentile":278},"2025-11-29",0.10498,0.92959,{"date":280,"score":277,"percentile":278},"2025-11-30",{"date":282,"score":283,"percentile":284},"2025-12-01",0.03613,0.87424,{"date":286,"score":283,"percentile":287},"2025-12-02",0.87425,{"date":289,"score":283,"percentile":284},"2025-12-03",{"date":291,"score":277,"percentile":292},"2025-12-04",0.92967,{"date":294,"score":277,"percentile":295},"2025-12-05",0.9297,{"date":297,"score":277,"percentile":298},"2025-12-06",0.92972,{"date":300,"score":277,"percentile":301},"2025-12-07",0.92969,{"date":303,"score":277,"percentile":304},"2025-12-08",0.92973,{"date":306,"score":277,"percentile":307},"2025-12-09",0.92976,{"date":309,"score":310,"percentile":311},"2025-12-10",0.1218,0.93569,{"date":313,"score":310,"percentile":314},"2025-12-11",0.93573,{"date":316,"score":310,"percentile":317},"2025-12-12",0.93575,{"date":319,"score":320,"percentile":321},"2025-12-13",0.10719,0.93061,{"date":323,"score":320,"percentile":324},"2025-12-14",0.93058,{"date":326,"score":320,"percentile":321},"2025-12-15",{"date":328,"score":320,"percentile":329},"2025-12-16",0.93064,{"date":331,"score":320,"percentile":332},"2025-12-17",0.9307,{"date":334,"score":320,"percentile":335},"2025-12-18",0.93073,{"date":337,"score":320,"percentile":338},"2025-12-19",0.93074,{"date":340,"score":320,"percentile":341},"2025-12-20",0.93069,{"date":343,"score":320,"percentile":332},"2025-12-21",{"date":345,"score":320,"percentile":335},"2025-12-22",{"date":347,"score":320,"percentile":348},"2025-12-23",0.93068,{"date":350,"score":320,"percentile":338},"2025-12-24",{"date":352,"score":320,"percentile":353},"2025-12-25",0.93083,{"date":355,"score":320,"percentile":356},"2025-12-26",0.93081,{"date":358,"score":359,"percentile":360},"2025-12-27",0.06703,0.90978,{"date":362,"score":320,"percentile":363},"2025-12-28",0.93077,{"date":365,"score":320,"percentile":366},"2025-12-29",0.93075,{"date":368,"score":320,"percentile":363},"2025-12-30",{"date":370,"score":320,"percentile":371},"2025-12-31",0.93084,{"date":373,"score":374,"percentile":375},"2026-01-01",0.03639,0.87548,{"date":377,"score":374,"percentile":378},"2026-01-02",0.87549,{"date":380,"score":374,"percentile":381},"2026-01-03",0.87546,{"date":383,"score":320,"percentile":356},"2026-01-04",{"date":385,"score":320,"percentile":386},"2026-01-05",0.93078,{"date":388,"score":320,"percentile":389},"2026-01-06",0.9308,{"date":391,"score":320,"percentile":389},"2026-01-07",{"date":393,"score":320,"percentile":394},"2026-01-08",0.93082,{"date":396,"score":320,"percentile":397},"2026-01-09",0.93087,{"date":399,"score":320,"percentile":400},"2026-01-10",0.93094,{"date":402,"score":320,"percentile":403},"2026-01-11",0.93092,{"date":405,"score":320,"percentile":406},"2026-01-12",0.93091,{"date":408,"score":320,"percentile":409},"2026-01-13",0.9309,{"date":411,"score":320,"percentile":412},"2026-01-14",0.93099,{"date":414,"score":320,"percentile":412},"2026-01-15",{"date":416,"score":320,"percentile":417},"2026-01-16",0.93102,{"date":419,"score":320,"percentile":420},"2026-01-17",0.93105,{"date":422,"score":320,"percentile":412},"2026-01-18",{"date":424,"score":320,"percentile":425},"2026-01-19",0.931,{"date":427,"score":320,"percentile":428},"2026-01-20",0.93101,{"date":430,"score":320,"percentile":431},"2026-01-21",0.93107,{"date":433,"score":320,"percentile":434},"2026-01-22",0.93109,{"date":436,"score":320,"percentile":437},"2026-01-23",0.93114,{"date":439,"score":320,"percentile":440},"2026-01-24",0.93119,{"date":442,"score":320,"percentile":443},"2026-01-25",0.93122,{"date":445,"score":320,"percentile":446},"2026-01-26",0.93123,{"date":448,"score":320,"percentile":449},"2026-01-27",0.93127,{"date":451,"score":320,"percentile":452},"2026-01-28",0.93131,{"date":454,"score":320,"percentile":452},"2026-01-29",{"date":456,"score":320,"percentile":452},"2026-01-30",{"date":458,"score":320,"percentile":459},"2026-01-31",0.93133,{"date":461,"score":374,"percentile":462},"2026-02-01",0.87588,[464,471],{"source":120,"cvss_v2_0":9,"cvss_v3_0":465,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":466,"baseSeverity":467,"vectorString":468,"impactScore":469,"exploitabilityScore":470},3.1,"LOW","CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",2.3,4.1,{"source":114,"cvss_v2_0":472,"cvss_v3_0":477,"cvss_v3_1":478,"cvss_v4_0":9},{"baseScore":473,"baseSeverity":9,"vectorString":474,"impactScore":475,"exploitabilityScore":476},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":466,"baseSeverity":467,"vectorString":468,"impactScore":469,"exploitabilityScore":470},{"baseScore":112,"baseSeverity":479,"vectorString":115,"impactScore":469,"exploitabilityScore":476},"MEDIUM",[481,496,505,515,521,527,537,553,561,567,574,580,587,593],{"ecosystem":9,"name":482,"vendor":483,"product":484,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":486},"ubuntu linux","canonical","ubuntu_linux","o",[487,490,492,494],{"version":488,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":491,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":493,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":495,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.10",{"ecosystem":9,"name":497,"vendor":498,"product":499,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"debian linux","debian","debian_linux",[501,503],{"version":502,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":504,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":506,"vendor":507,"product":506,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":508},"fedora","fedoraproject",[509,511,513],{"version":510,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"version":512,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"version":514,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"ecosystem":9,"name":516,"vendor":516,"product":516,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"libgd","a",[519],{"version":520,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.2.5",{"ecosystem":9,"name":522,"vendor":523,"product":522,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"leap","opensuse",[525],{"version":526,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"ecosystem":9,"name":528,"vendor":9,"product":528,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"PHP",[530,533,535],{"version":531,"is_range":36,"range_type":120,"version_start":531,"version_start_type":532,"version_end":531,"version_end_type":532,"fixed_in":9},"7.1.x \u003C 7.1.30","including",{"version":534,"is_range":36,"range_type":120,"version_start":534,"version_start_type":532,"version_end":534,"version_end_type":532,"fixed_in":9},"7.2.x \u003C 7.2.19",{"version":536,"is_range":36,"range_type":120,"version_start":536,"version_start_type":532,"version_end":536,"version_end_type":532,"fixed_in":9},"7.3.x \u003C 7.3.6",{"ecosystem":9,"name":528,"vendor":9,"product":528,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":538},[539,545,549],{"version":540,"is_range":541,"range_type":489,"version_start":542,"version_start_type":532,"version_end":543,"version_end_type":544,"fixed_in":9},"gte7.1.0_lt7.1.30",true,"7.1.0","7.1.30","excluding",{"version":546,"is_range":541,"range_type":489,"version_start":547,"version_start_type":532,"version_end":548,"version_end_type":544,"fixed_in":9},"gte7.2.0_lt7.2.19","7.2.0","7.2.19",{"version":550,"is_range":541,"range_type":489,"version_start":551,"version_start_type":532,"version_end":552,"version_end_type":544,"fixed_in":9},"gte7.3.0_lt7.3.6","7.3.0","7.3.6",{"ecosystem":9,"name":554,"vendor":555,"product":556,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":557},"enterprise linux","redhat","enterprise_linux",[558,560],{"version":559,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":502,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":562,"vendor":555,"product":563,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"software collections","software_collections",[565],{"version":566,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0",{"ecosystem":9,"name":568,"vendor":569,"product":570,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":571},"linux enterprise debuginfo","suse","linux_enterprise_debuginfo",[572],{"version":573,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11:sp4",{"ecosystem":9,"name":575,"vendor":569,"product":576,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":577},"linux enterprise desktop","linux_enterprise_desktop",[578],{"version":579,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12:sp4",{"ecosystem":9,"name":581,"vendor":569,"product":582,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":583},"linux enterprise server","linux_enterprise_server",[584,585],{"version":579,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":586,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12:sp5",{"ecosystem":9,"name":588,"vendor":569,"product":589,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":590},"linux enterprise software development kit","linux_enterprise_software_development_kit",[591,592],{"version":579,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":586,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":594,"vendor":569,"product":595,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":596},"linux enterprise workstation extension","linux_enterprise_workstation_extension",[597,598],{"version":579,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":586,"is_range":36,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]