[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-11039":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":34,"aliases":44,"duplicate_of":9,"upstream":45,"downstream":46,"duplicates":83,"related":84,"reserved_at":9,"published_at":93,"modified_at":94,"state":95,"summary":96,"references_raw":104,"kevs":147,"epss":148,"epss_history":151,"metrics":405,"affected":422},"CVE-2019-11039","Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":17,"likelihood_of_exploit":9,"capec":29},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","Draft",[30],{"id":31,"name":32,"techniques":33},"CAPEC-540","Overread Buffers",[],[35],{"_key":36,"name":37,"source":38,"url":39,"maturity":40,"reliability_score":41,"verified":42,"type":9,"platforms":43,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_A9BDDD5A16B72A05","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=78069","unknown",0.2,false,[],[],[],[47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81],{"_key":48},"SUSE-SU-2019:1724-1",{"_key":50},"SUSE-SU-2019:1725-1",{"_key":52},"SUSE-SU-2019:1746-1",{"_key":54},"SUSE-SU-2019:1832-1",{"_key":56},"SUSE-SU-2022:4067-1",{"_key":58},"OPENSUSE-SU-2019:1778-1",{"_key":60},"OPENSUSE-SU-2024:11167-1",{"_key":62},"OPENSUSE-SU-2024:11169-1",{"_key":64},"RHSA-2020:1624",{"_key":66},"DLA-1813-1",{"_key":68},"DSA-4527-1",{"_key":70},"DSA-4529-1",{"_key":72},"UBUNTU-CVE-2019-11039",{"_key":74},"USN-4009-1",{"_key":76},"USN-4009-2",{"_key":78},"RHSA-2019:2519",{"_key":80},"RHSA-2019:3299",{"_key":82},"RHSA-2020:3662",[],[85,86,87,88,89,90,91,92],{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},"2019-06-18T23:28:28.280Z","2024-09-17T00:21:46.316Z","Modified",{"cisa_kev":42,"cisa_ransomware":42,"cisa_vendor":9,"epss_severity":97,"epss_score":98,"severity":99,"severity_score":100,"severity_version":101,"severity_source":102,"severity_vector":103,"severity_status":95},"low",0.01411,"critical",9.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",[105,113,120,125,130,135,139,143],{"url":39,"sources":106,"tags":108},[107,102],"cve.org",[109,110,111,112],"X Refsource CONFIRM","Exploit","Patch","Vendor Advisory",{"url":114,"sources":115,"tags":116},"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html",[107,102],[112,117,118,119],"X Refsource SUSE","Mailing List","Third Party Advisory",{"url":121,"sources":122,"tags":123},"https://access.redhat.com/errata/RHSA-2019:2519",[107,102],[112,124,119],"X Refsource REDHAT",{"url":126,"sources":127,"tags":128},"https://seclists.org/bugtraq/2019/Sep/35",[107,102],[118,129,119],"X Refsource BUGTRAQ",{"url":131,"sources":132,"tags":133},"https://www.debian.org/security/2019/dsa-4527",[107,102],[112,134,119],"X Refsource DEBIAN",{"url":136,"sources":137,"tags":138},"https://www.debian.org/security/2019/dsa-4529",[107,102],[112,134,119],{"url":140,"sources":141,"tags":142},"https://seclists.org/bugtraq/2019/Sep/38",[107,102],[118,129,119],{"url":144,"sources":145,"tags":146},"https://access.redhat.com/errata/RHSA-2019:3299",[107,102],[112,124,119],[],{"date":149,"score":98,"percentile":150},"2026-06-04",0.80874,[152,156,159,162,165,168,171,174,176,178,181,184,187,190,193,197,200,203,206,209,212,215,218,221,223,225,227,229,233,236,238,241,244,247,250,253,256,260,263,266,268,270,272,275,278,281,284,287,290,293,296,299,302,305,309,312,315,318,321,325,328,330,333,335,337,339,342,345,347,350,353,355,357,360,363,366,368,371,373,375,378,381,384,387,390,393,395,397,399,402],{"date":153,"score":154,"percentile":155},"2025-11-04",0.01212,0.78353,{"date":157,"score":154,"percentile":158},"2025-11-05",0.78352,{"date":160,"score":154,"percentile":161},"2025-11-06",0.78348,{"date":163,"score":154,"percentile":164},"2025-11-07",0.78362,{"date":166,"score":154,"percentile":167},"2025-11-08",0.78368,{"date":169,"score":154,"percentile":170},"2025-11-09",0.78364,{"date":172,"score":154,"percentile":173},"2025-11-10",0.7835,{"date":175,"score":154,"percentile":158},"2025-11-11",{"date":177,"score":154,"percentile":167},"2025-11-12",{"date":179,"score":154,"percentile":180},"2025-11-13",0.78377,{"date":182,"score":154,"percentile":183},"2025-11-14",0.78384,{"date":185,"score":154,"percentile":186},"2025-11-15",0.78382,{"date":188,"score":154,"percentile":189},"2025-11-16",0.78385,{"date":191,"score":154,"percentile":192},"2025-11-17",0.78379,{"date":194,"score":195,"percentile":196},"2025-11-18",0.02274,0.83288,{"date":198,"score":195,"percentile":199},"2025-11-19",0.8329,{"date":201,"score":195,"percentile":202},"2025-11-20",0.83296,{"date":204,"score":154,"percentile":205},"2025-11-21",0.78407,{"date":207,"score":154,"percentile":208},"2025-11-22",0.78408,{"date":210,"score":154,"percentile":211},"2025-11-23",0.78396,{"date":213,"score":154,"percentile":214},"2025-11-24",0.78395,{"date":216,"score":154,"percentile":217},"2025-11-25",0.78399,{"date":219,"score":154,"percentile":220},"2025-11-26",0.78403,{"date":222,"score":154,"percentile":205},"2025-11-27",{"date":224,"score":154,"percentile":217},"2025-11-28",{"date":226,"score":154,"percentile":220},"2025-11-29",{"date":228,"score":154,"percentile":220},"2025-11-30",{"date":230,"score":231,"percentile":232},"2025-12-01",0.00752,0.72482,{"date":234,"score":231,"percentile":235},"2025-12-02",0.72493,{"date":237,"score":231,"percentile":235},"2025-12-03",{"date":239,"score":154,"percentile":240},"2025-12-04",0.78392,{"date":242,"score":154,"percentile":243},"2025-12-05",0.78398,{"date":245,"score":154,"percentile":246},"2025-12-06",0.784,{"date":248,"score":154,"percentile":249},"2025-12-07",0.78397,{"date":251,"score":154,"percentile":252},"2025-12-08",0.78401,{"date":254,"score":154,"percentile":255},"2025-12-09",0.78418,{"date":257,"score":258,"percentile":259},"2025-12-10",0.01439,0.80181,{"date":261,"score":258,"percentile":262},"2025-12-11",0.80192,{"date":264,"score":258,"percentile":265},"2025-12-12",0.8021,{"date":267,"score":258,"percentile":265},"2025-12-13",{"date":269,"score":258,"percentile":265},"2025-12-14",{"date":271,"score":258,"percentile":265},"2025-12-15",{"date":273,"score":258,"percentile":274},"2025-12-16",0.80221,{"date":276,"score":258,"percentile":277},"2025-12-17",0.80229,{"date":279,"score":258,"percentile":280},"2025-12-18",0.80248,{"date":282,"score":258,"percentile":283},"2025-12-19",0.80259,{"date":285,"score":258,"percentile":286},"2025-12-20",0.80251,{"date":288,"score":258,"percentile":289},"2025-12-21",0.80244,{"date":291,"score":258,"percentile":292},"2025-12-22",0.80242,{"date":294,"score":258,"percentile":295},"2025-12-23",0.80243,{"date":297,"score":258,"percentile":298},"2025-12-24",0.80262,{"date":300,"score":258,"percentile":301},"2025-12-25",0.80282,{"date":303,"score":258,"percentile":304},"2025-12-26",0.80279,{"date":306,"score":307,"percentile":308},"2025-12-27",0.01883,0.82745,{"date":310,"score":258,"percentile":311},"2025-12-28",0.80269,{"date":313,"score":258,"percentile":314},"2025-12-29",0.80268,{"date":316,"score":258,"percentile":317},"2025-12-30",0.80275,{"date":319,"score":258,"percentile":320},"2025-12-31",0.80287,{"date":322,"score":323,"percentile":324},"2026-01-01",0.00894,0.75182,{"date":326,"score":323,"percentile":327},"2026-01-02",0.75185,{"date":329,"score":323,"percentile":327},"2026-01-03",{"date":331,"score":258,"percentile":332},"2026-01-04",0.80273,{"date":334,"score":258,"percentile":311},"2026-01-05",{"date":336,"score":258,"percentile":332},"2026-01-06",{"date":338,"score":258,"percentile":304},"2026-01-07",{"date":340,"score":258,"percentile":341},"2026-01-08",0.80289,{"date":343,"score":258,"percentile":344},"2026-01-09",0.80291,{"date":346,"score":258,"percentile":344},"2026-01-10",{"date":348,"score":258,"percentile":349},"2026-01-11",0.80283,{"date":351,"score":258,"percentile":352},"2026-01-12",0.80271,{"date":354,"score":258,"percentile":314},"2026-01-13",{"date":356,"score":258,"percentile":341},"2026-01-14",{"date":358,"score":258,"percentile":359},"2026-01-15",0.80288,{"date":361,"score":258,"percentile":362},"2026-01-16",0.80297,{"date":364,"score":258,"percentile":365},"2026-01-17",0.80304,{"date":367,"score":258,"percentile":362},"2026-01-18",{"date":369,"score":258,"percentile":370},"2026-01-19",0.8029,{"date":372,"score":258,"percentile":370},"2026-01-20",{"date":374,"score":258,"percentile":362},"2026-01-21",{"date":376,"score":258,"percentile":377},"2026-01-22",0.80305,{"date":379,"score":258,"percentile":380},"2026-01-23",0.80332,{"date":382,"score":258,"percentile":383},"2026-01-24",0.80342,{"date":385,"score":258,"percentile":386},"2026-01-25",0.80334,{"date":388,"score":258,"percentile":389},"2026-01-26",0.80333,{"date":391,"score":258,"percentile":392},"2026-01-27",0.80336,{"date":394,"score":258,"percentile":392},"2026-01-28",{"date":396,"score":258,"percentile":386},"2026-01-29",{"date":398,"score":258,"percentile":386},"2026-01-30",{"date":400,"score":258,"percentile":401},"2026-01-31",0.80339,{"date":403,"score":323,"percentile":404},"2026-02-01",0.75248,[406,412],{"source":107,"cvss_v2_0":9,"cvss_v3_0":407,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":408,"baseSeverity":409,"vectorString":410,"impactScore":408,"exploitabilityScore":411},4.2,"MEDIUM","CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L",4.1,{"source":102,"cvss_v2_0":413,"cvss_v3_0":418,"cvss_v3_1":419,"cvss_v4_0":9},{"baseScore":414,"baseSeverity":9,"vectorString":415,"impactScore":416,"exploitabilityScore":417},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,10,{"baseScore":408,"baseSeverity":409,"vectorString":410,"impactScore":408,"exploitabilityScore":411},{"baseScore":100,"baseSeverity":420,"vectorString":103,"impactScore":421,"exploitabilityScore":417},"CRITICAL",8.7,[423,434,442,452,465],{"ecosystem":9,"name":424,"vendor":425,"product":426,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":428},"debian linux","debian","debian_linux","o",[429,432],{"version":430,"is_range":42,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"version":433,"is_range":42,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":435,"vendor":436,"product":435,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":437},"leap","opensuse",[438,440],{"version":439,"is_range":42,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":441,"is_range":42,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"ecosystem":9,"name":443,"vendor":9,"product":443,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":444},"PHP",[445,448,450],{"version":446,"is_range":42,"range_type":107,"version_start":446,"version_start_type":447,"version_end":446,"version_end_type":447,"fixed_in":9},"7.1.30","including",{"version":449,"is_range":42,"range_type":107,"version_start":449,"version_start_type":447,"version_end":449,"version_end_type":447,"fixed_in":9},"7.2.19",{"version":451,"is_range":42,"range_type":107,"version_start":451,"version_start_type":447,"version_end":451,"version_end_type":447,"fixed_in":9},"7.3.6",{"ecosystem":9,"name":443,"vendor":9,"product":443,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":453},[454,459,462],{"version":455,"is_range":456,"range_type":431,"version_start":457,"version_start_type":447,"version_end":446,"version_end_type":458,"fixed_in":9},"gte7.1.0_lt7.1.30",true,"7.1.0","excluding",{"version":460,"is_range":456,"range_type":431,"version_start":461,"version_start_type":447,"version_end":449,"version_end_type":458,"fixed_in":9},"gte7.2.0_lt7.2.19","7.2.0",{"version":463,"is_range":456,"range_type":431,"version_start":464,"version_start_type":447,"version_end":451,"version_end_type":458,"fixed_in":9},"gte7.3.0_lt7.3.6","7.3.0",{"ecosystem":9,"name":466,"vendor":467,"product":468,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":470},"software collections","redhat","software_collections","a",[471],{"version":472,"is_range":42,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0"]