[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-11287":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":100,"aliases":110,"duplicate_of":9,"upstream":111,"downstream":112,"duplicates":127,"related":128,"reserved_at":9,"published_at":131,"modified_at":132,"state":133,"summary":134,"references_raw":142,"kevs":177,"epss":178,"epss_history":181,"metrics":442,"affected":459},"CVE-2019-11287","Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The \"X-Reason\" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.",null,[11,28],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-134","Use of Externally-Controlled Format String","The product uses a function that accepts a format string as an argument, but the format string originates from an external source.","weakness","Draft","Base","High",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-135","Format String Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-67","String Format Overflow in syslog()",[],{"_key":29,"id":29,"name":30,"description":31,"type":15,"status":16,"abstraction":32,"likelihood_of_exploit":18,"capec":33},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","Class",[34,38,96],{"id":35,"name":36,"techniques":37},"CAPEC-147","XML Ping of the Death",[],{"id":39,"name":40,"techniques":41},"CAPEC-227","Sustained Client Engagement",[42],{"id":43,"name":44,"tactics":45,"countermeasures":49},"T1499","Endpoint Denial of Service",[46],{"id":47,"name":48},"TA0105","Impact",[50,55,59,63,67,71,75,79,83,87,92],{"id":51,"name":52,"tactic":53},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":54},"Detect",{"id":56,"name":57,"tactic":58},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":54},{"id":60,"name":61,"tactic":62},"D3-CSPP","Client-server Payload Profiling",{"name":54},{"id":64,"name":65,"tactic":66},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":54},{"id":68,"name":69,"tactic":70},"D3-NTSA","Network Traffic Signature Analysis",{"name":54},{"id":72,"name":73,"tactic":74},"D3-APCA","Application Protocol Command Analysis",{"name":54},{"id":76,"name":77,"tactic":78},"D3-NTCD","Network Traffic Community Deviation",{"name":54},{"id":80,"name":81,"tactic":82},"D3-RTSD","Remote Terminal Session Detection",{"name":54},{"id":84,"name":85,"tactic":86},"D3-ISVA","Inbound Session Volume Analysis",{"name":54},{"id":88,"name":89,"tactic":90},"D3-NTF","Network Traffic Filtering",{"name":91},"Isolate",{"id":93,"name":94,"tactic":95},"D3-ITF","Inbound Traffic Filtering",{"name":91},{"id":97,"name":98,"techniques":99},"CAPEC-492","Regular Expression Exponential Blowup",[],[101],{"_key":102,"name":103,"source":104,"url":105,"maturity":106,"reliability_score":107,"verified":108,"type":9,"platforms":109,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_DRUNKENSHELLS_DISCLOSURES","Disclosures","github","https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17167-XSS-PrinterON","poc",0.3,false,[],[],[],[113,115,117,119,121,123,125],{"_key":114},"RHSA-2020:0078",{"_key":116},"SUSE-SU-2022:3338-1",{"_key":118},"SUSE-SU-2022:3339-1",{"_key":120},"UBUNTU-CVE-2019-11287",{"_key":122},"DLA-2710-1",{"_key":124},"DEBIAN-CVE-2019-11287",{"_key":126},"USN-5004-1",[],[129,130],{"_key":116},{"_key":118},"2019-11-22T23:26:08.880Z","2024-09-16T22:24:51.121Z","Modified",{"cisa_kev":108,"cisa_ransomware":108,"cisa_vendor":9,"epss_severity":135,"epss_score":136,"severity":137,"severity_score":138,"severity_version":139,"severity_source":140,"severity_vector":141,"severity_status":133},"low",0.04604,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[143,150,155,159,165,171],{"url":144,"sources":145,"tags":147},"https://pivotal.io/security/cve-2019-11287",[146,140],"cve.org",[148,149],"X Refsource CONFIRM","Vendor Advisory",{"url":151,"sources":152,"tags":153},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEQ6O7PMNJKYFMQYHAB55L423GYK63SO/",[146,140],[149,154],"X Refsource FEDORA",{"url":156,"sources":157,"tags":158},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYTGR3D5FW2O25RXZOTIZMOD2HAUVBE4/",[146,140],[149,154],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/errata/RHSA-2020:0078",[146,140],[149,163,164],"X Refsource REDHAT","Third Party Advisory",{"url":166,"sources":167,"tags":168},"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-11287-DoS%20via%20Heap%20Overflow-RabbitMQ%20Web%20Management%20Plugin",[146,140],[169,170,164],"X Refsource MISC","Exploit",{"url":172,"sources":173,"tags":174},"https://lists.debian.org/debian-lts-announce/2021/07/msg00011.html",[146,140],[175,176,164],"Mailing List","X Refsource MLIST",[],{"date":179,"score":136,"percentile":180},"2026-06-04",0.89436,[182,186,189,192,195,197,200,203,206,209,212,215,218,220,223,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,271,274,276,278,281,283,286,289,292,295,298,301,304,307,310,313,316,318,321,324,327,329,332,334,337,340,343,347,350,353,356,359,362,364,367,370,373,376,379,382,385,388,391,394,397,400,403,406,409,411,414,417,421,424,427,430,432,435,438,440],{"date":183,"score":184,"percentile":185},"2025-11-04",0.00794,0.73186,{"date":187,"score":184,"percentile":188},"2025-11-05",0.73173,{"date":190,"score":184,"percentile":191},"2025-11-06",0.7317,{"date":193,"score":184,"percentile":194},"2025-11-07",0.73188,{"date":196,"score":184,"percentile":194},"2025-11-08",{"date":198,"score":184,"percentile":199},"2025-11-09",0.73181,{"date":201,"score":184,"percentile":202},"2025-11-10",0.73169,{"date":204,"score":184,"percentile":205},"2025-11-11",0.73174,{"date":207,"score":184,"percentile":208},"2025-11-12",0.73193,{"date":210,"score":184,"percentile":211},"2025-11-13",0.732,{"date":213,"score":184,"percentile":214},"2025-11-14",0.73206,{"date":216,"score":184,"percentile":217},"2025-11-15",0.73204,{"date":219,"score":184,"percentile":211},"2025-11-16",{"date":221,"score":184,"percentile":222},"2025-11-17",0.73194,{"date":224,"score":225,"percentile":226},"2025-11-18",0.03497,0.86395,{"date":228,"score":225,"percentile":229},"2025-11-19",0.86396,{"date":231,"score":225,"percentile":232},"2025-11-20",0.86398,{"date":234,"score":184,"percentile":235},"2025-11-21",0.7321,{"date":237,"score":184,"percentile":238},"2025-11-22",0.73205,{"date":240,"score":184,"percentile":241},"2025-11-23",0.73189,{"date":243,"score":184,"percentile":244},"2025-11-24",0.73182,{"date":246,"score":184,"percentile":247},"2025-11-25",0.73184,{"date":249,"score":184,"percentile":250},"2025-11-26",0.7319,{"date":252,"score":184,"percentile":253},"2025-11-27",0.73192,{"date":255,"score":184,"percentile":256},"2025-11-28",0.73185,{"date":258,"score":184,"percentile":259},"2025-11-29",0.73178,{"date":261,"score":184,"percentile":262},"2025-11-30",0.73172,{"date":264,"score":184,"percentile":265},"2025-12-01",0.73306,{"date":267,"score":184,"percentile":268},"2025-12-02",0.73314,{"date":270,"score":184,"percentile":268},"2025-12-03",{"date":272,"score":184,"percentile":273},"2025-12-04",0.73183,{"date":275,"score":184,"percentile":208},"2025-12-05",{"date":277,"score":184,"percentile":208},"2025-12-06",{"date":279,"score":184,"percentile":280},"2025-12-07",0.73195,{"date":282,"score":184,"percentile":211},"2025-12-08",{"date":284,"score":184,"percentile":285},"2025-12-09",0.73226,{"date":287,"score":184,"percentile":288},"2025-12-10",0.73259,{"date":290,"score":184,"percentile":291},"2025-12-11",0.73277,{"date":293,"score":184,"percentile":294},"2025-12-12",0.73301,{"date":296,"score":184,"percentile":297},"2025-12-13",0.73304,{"date":299,"score":184,"percentile":300},"2025-12-14",0.73305,{"date":302,"score":184,"percentile":303},"2025-12-15",0.73307,{"date":305,"score":184,"percentile":306},"2025-12-16",0.73317,{"date":308,"score":184,"percentile":309},"2025-12-17",0.73328,{"date":311,"score":184,"percentile":312},"2025-12-18",0.73351,{"date":314,"score":184,"percentile":315},"2025-12-19",0.73369,{"date":317,"score":184,"percentile":315},"2025-12-20",{"date":319,"score":184,"percentile":320},"2025-12-21",0.73363,{"date":322,"score":184,"percentile":323},"2025-12-22",0.73361,{"date":325,"score":184,"percentile":326},"2025-12-23",0.73352,{"date":328,"score":184,"percentile":323},"2025-12-24",{"date":330,"score":184,"percentile":331},"2025-12-25",0.73389,{"date":333,"score":184,"percentile":331},"2025-12-26",{"date":335,"score":184,"percentile":336},"2025-12-27",0.73402,{"date":338,"score":184,"percentile":339},"2025-12-28",0.73365,{"date":341,"score":184,"percentile":342},"2025-12-29",0.7336,{"date":344,"score":345,"percentile":346},"2025-12-30",0.00704,0.71496,{"date":348,"score":345,"percentile":349},"2025-12-31",0.71517,{"date":351,"score":345,"percentile":352},"2026-01-01",0.71667,{"date":354,"score":345,"percentile":355},"2026-01-02",0.71664,{"date":357,"score":345,"percentile":358},"2026-01-03",0.71661,{"date":360,"score":345,"percentile":361},"2026-01-04",0.71521,{"date":363,"score":345,"percentile":349},"2026-01-05",{"date":365,"score":345,"percentile":366},"2026-01-06",0.71527,{"date":368,"score":345,"percentile":369},"2026-01-07",0.7154,{"date":371,"score":345,"percentile":372},"2026-01-08",0.71556,{"date":374,"score":345,"percentile":375},"2026-01-09",0.71564,{"date":377,"score":345,"percentile":378},"2026-01-10",0.71561,{"date":380,"score":345,"percentile":381},"2026-01-11",0.71555,{"date":383,"score":345,"percentile":384},"2026-01-12",0.71546,{"date":386,"score":345,"percentile":387},"2026-01-13",0.71543,{"date":389,"score":345,"percentile":390},"2026-01-14",0.71567,{"date":392,"score":345,"percentile":393},"2026-01-15",0.71571,{"date":395,"score":345,"percentile":396},"2026-01-16",0.71586,{"date":398,"score":345,"percentile":399},"2026-01-17",0.71581,{"date":401,"score":345,"percentile":402},"2026-01-18",0.71557,{"date":404,"score":345,"percentile":405},"2026-01-19",0.71551,{"date":407,"score":345,"percentile":408},"2026-01-20",0.7156,{"date":410,"score":345,"percentile":375},"2026-01-21",{"date":412,"score":345,"percentile":413},"2026-01-22",0.71575,{"date":415,"score":345,"percentile":416},"2026-01-23",0.71607,{"date":418,"score":419,"percentile":420},"2026-01-24",0.03051,0.86322,{"date":422,"score":419,"percentile":423},"2026-01-25",0.86318,{"date":425,"score":419,"percentile":426},"2026-01-26",0.86316,{"date":428,"score":419,"percentile":429},"2026-01-27",0.8632,{"date":431,"score":419,"percentile":420},"2026-01-28",{"date":433,"score":419,"percentile":434},"2026-01-29",0.86325,{"date":436,"score":419,"percentile":437},"2026-01-30",0.8633,{"date":439,"score":419,"percentile":437},"2026-01-31",{"date":441,"score":419,"percentile":229},"2026-02-01",[443,450],{"source":146,"cvss_v2_0":9,"cvss_v3_0":444,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":445,"baseSeverity":446,"vectorString":447,"impactScore":448,"exploitabilityScore":449},4.5,"MEDIUM","CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",6,2.3,{"source":140,"cvss_v2_0":451,"cvss_v3_0":456,"cvss_v3_1":457,"cvss_v4_0":9},{"baseScore":452,"baseSeverity":9,"vectorString":453,"impactScore":454,"exploitabilityScore":455},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":445,"baseSeverity":446,"vectorString":447,"impactScore":448,"exploitabilityScore":449},{"baseScore":138,"baseSeverity":458,"vectorString":141,"impactScore":448,"exploitabilityScore":455},"HIGH",[460,474,482,490,506,518,528],{"ecosystem":9,"name":461,"vendor":462,"product":463,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":465},"rabbitmq server","broadcom","rabbitmq_server","a",[466],{"version":467,"is_range":468,"range_type":469,"version_start":470,"version_start_type":471,"version_end":472,"version_end_type":473,"fixed_in":9},"gte3.8.0_lt3.8.1",true,"cpe","3.8.0","including","3.8.1","excluding",{"ecosystem":9,"name":475,"vendor":476,"product":477,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"debian linux","debian","debian_linux","o",[480],{"version":481,"is_range":108,"range_type":469,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":483,"vendor":484,"product":483,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":485},"fedora","fedoraproject",[486,488],{"version":487,"is_range":108,"range_type":469,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"version":489,"is_range":108,"range_type":469,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"ecosystem":9,"name":491,"vendor":492,"product":491,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":493},"rabbitmq","pivotal_software",[494,498,502],{"version":495,"is_range":468,"range_type":469,"version_start":496,"version_start_type":471,"version_end":497,"version_end_type":473,"fixed_in":9},"gte1.16.0_lt1.16.7","1.16.0","1.16.7",{"version":499,"is_range":468,"range_type":469,"version_start":500,"version_start_type":471,"version_end":501,"version_end_type":473,"fixed_in":9},"gte1.17.0_lt1.17.4","1.17.0","1.17.4",{"version":503,"is_range":468,"range_type":469,"version_start":504,"version_start_type":471,"version_end":505,"version_end_type":473,"fixed_in":9},"gte3.7.0_lt3.7.21","3.7.0","3.7.21",{"ecosystem":9,"name":507,"vendor":508,"product":491,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"RabbitMQ","pivotal",[510,514],{"version":511,"is_range":468,"range_type":146,"version_start":512,"version_start_type":471,"version_end":513,"version_end_type":473,"fixed_in":9},">= 3.7, \u003C v3.7.21","3.7","v3.7.21",{"version":515,"is_range":468,"range_type":146,"version_start":516,"version_start_type":471,"version_end":517,"version_end_type":473,"fixed_in":9},">= 3.8, \u003C v3.8.1","3.8","v3.8.1",{"ecosystem":9,"name":519,"vendor":508,"product":520,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"RabbitMQ for Pivotal Platform","rabbitmq for pivotal platform",[522,525],{"version":523,"is_range":468,"range_type":146,"version_start":524,"version_start_type":471,"version_end":497,"version_end_type":473,"fixed_in":9},">= 1.16, \u003C 1.16.7","1.16",{"version":526,"is_range":468,"range_type":146,"version_start":527,"version_start_type":471,"version_end":501,"version_end_type":473,"fixed_in":9},">= 1.17, \u003C 1.17.4","1.17",{"ecosystem":9,"name":529,"vendor":530,"product":529,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"openstack","redhat",[532],{"version":533,"is_range":108,"range_type":469,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15"]