[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-9023":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":57,"duplicate_of":9,"upstream":58,"downstream":59,"duplicates":92,"related":93,"reserved_at":9,"published_at":103,"modified_at":104,"state":105,"summary":106,"references_raw":114,"kevs":199,"epss":200,"epss_history":203,"metrics":457,"affected":466},"CVE-2019-9023","An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24,33,37,41,45,49,53],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C0B426A14C5AF337","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=77382","unknown",0.2,false,[],{"_key":34,"name":26,"source":27,"url":35,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_67D2CBEF7485F920","https://bugs.php.net/bug.php?id=77418",[],{"_key":38,"name":26,"source":27,"url":39,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":40,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C24579EF00B194F5","https://bugs.php.net/bug.php?id=77371",[],{"_key":42,"name":26,"source":27,"url":43,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":44,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_10E4607251519B27","https://bugs.php.net/bug.php?id=77370",[],{"_key":46,"name":26,"source":27,"url":47,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":48,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_0013A14F78B4536F","https://bugs.php.net/bug.php?id=77385",[],{"_key":50,"name":26,"source":27,"url":51,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":52,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_BBD232D5FA9BEAB2","https://bugs.php.net/bug.php?id=77394",[],{"_key":54,"name":26,"source":27,"url":55,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":56,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_ED96E74726198A89","https://bugs.php.net/bug.php?id=77381",[],[],[],[60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90],{"_key":61},"SUSE-RU-2019:0823-1",{"_key":63},"SUSE-SU-2019:0985-1",{"_key":65},"SUSE-SU-2019:14013-1",{"_key":67},"SUSE-SU-2019:1461-1",{"_key":69},"SUSE-SU-2022:4067-1",{"_key":71},"OPENSUSE-SU-2019:1572-1",{"_key":73},"OPENSUSE-SU-2019:1573-1",{"_key":75},"OPENSUSE-SU-2024:11167-1",{"_key":77},"OPENSUSE-SU-2024:11169-1",{"_key":79},"RHSA-2020:1624",{"_key":81},"DLA-1679-1",{"_key":83},"DSA-4398-1",{"_key":85},"UBUNTU-CVE-2019-9023",{"_key":87},"USN-3902-1",{"_key":89},"RHSA-2019:2519",{"_key":91},"RHSA-2019:3299",[],[94,95,96,97,98,99,100,101,102],{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},"2019-02-22T23:00:00.000Z","2024-08-04T21:38:45.186Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":107,"epss_score":108,"severity":109,"severity_score":110,"severity_version":111,"severity_source":112,"severity_vector":113,"severity_status":105},"medium",0.10503,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[115,123,130,133,138,141,145,151,154,157,160,163,168,172,177,182,186,190,195],{"url":116,"sources":117,"tags":119},"https://usn.ubuntu.com/3902-2/",[118,112],"cve.org",[120,121,122],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory",{"url":28,"sources":124,"tags":125},[118,112],[126,127,128,129,120],"X Refsource MISC","Exploit","Issue Tracking","Patch",{"url":35,"sources":131,"tags":132},[118,112],[126,127,128,129,120],{"url":134,"sources":135,"tags":136},"https://www.debian.org/security/2019/dsa-4398",[118,112],[120,137,122],"X Refsource DEBIAN",{"url":39,"sources":139,"tags":140},[118,112],[126,127,128,129,120],{"url":142,"sources":143,"tags":144},"https://usn.ubuntu.com/3902-1/",[118,112],[120,121,122],{"url":146,"sources":147,"tags":148},"http://www.securityfocus.com/bid/107156",[118,112],[149,150,122],"VDB Entry","X Refsource BID",{"url":43,"sources":152,"tags":153},[118,112],[126,127,128,129,120],{"url":47,"sources":155,"tags":156},[118,112],[126,127,128,129,120],{"url":51,"sources":158,"tags":159},[118,112],[126,127,128,129,120],{"url":55,"sources":161,"tags":162},[118,112],[126,127,128,129,120],{"url":164,"sources":165,"tags":166},"https://security.netapp.com/advisory/ntap-20190321-0001/",[118,112],[167,129,122],"X Refsource CONFIRM",{"url":169,"sources":170,"tags":171},"https://support.f5.com/csp/article/K06372014",[118,112],[167,122],{"url":173,"sources":174,"tags":175},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",[118,112],[120,176,122],"X Refsource SUSE",{"url":178,"sources":179,"tags":180},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",[118,112],[120,176,181,122],"Mailing List",{"url":183,"sources":184,"tags":185},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",[118,112],[120,176],{"url":187,"sources":188,"tags":189},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",[118,112],[120,176],{"url":191,"sources":192,"tags":193},"https://access.redhat.com/errata/RHSA-2019:2519",[118,112],[120,194],"X Refsource REDHAT",{"url":196,"sources":197,"tags":198},"https://access.redhat.com/errata/RHSA-2019:3299",[118,112],[120,194],[],{"date":201,"score":108,"percentile":202},"2026-06-04",0.93387,[204,208,211,213,216,219,222,224,226,229,231,234,236,239,241,245,248,251,254,257,259,262,265,268,271,273,276,278,282,285,288,290,293,296,299,303,306,309,312,315,318,320,323,326,328,330,332,335,337,339,341,344,346,349,353,356,359,361,364,368,371,374,378,381,384,386,389,392,395,398,401,404,407,409,412,415,418,420,422,425,428,431,434,437,440,443,446,449,451,454],{"date":205,"score":206,"percentile":207},"2025-11-04",0.17451,0.94787,{"date":209,"score":206,"percentile":210},"2025-11-05",0.94786,{"date":212,"score":206,"percentile":210},"2025-11-06",{"date":214,"score":206,"percentile":215},"2025-11-07",0.94788,{"date":217,"score":206,"percentile":218},"2025-11-08",0.94785,{"date":220,"score":206,"percentile":221},"2025-11-09",0.94784,{"date":223,"score":206,"percentile":218},"2025-11-10",{"date":225,"score":206,"percentile":207},"2025-11-11",{"date":227,"score":206,"percentile":228},"2025-11-12",0.9479,{"date":230,"score":206,"percentile":228},"2025-11-13",{"date":232,"score":206,"percentile":233},"2025-11-14",0.94793,{"date":235,"score":206,"percentile":215},"2025-11-15",{"date":237,"score":206,"percentile":238},"2025-11-16",0.94791,{"date":240,"score":206,"percentile":233},"2025-11-17",{"date":242,"score":243,"percentile":244},"2025-11-18",0.07663,0.91006,{"date":246,"score":243,"percentile":247},"2025-11-19",0.91009,{"date":249,"score":243,"percentile":250},"2025-11-20",0.91015,{"date":252,"score":206,"percentile":253},"2025-11-21",0.94797,{"date":255,"score":206,"percentile":256},"2025-11-22",0.94796,{"date":258,"score":206,"percentile":253},"2025-11-23",{"date":260,"score":206,"percentile":261},"2025-11-24",0.94798,{"date":263,"score":206,"percentile":264},"2025-11-25",0.94801,{"date":266,"score":206,"percentile":267},"2025-11-26",0.94802,{"date":269,"score":206,"percentile":270},"2025-11-27",0.94805,{"date":272,"score":206,"percentile":267},"2025-11-28",{"date":274,"score":206,"percentile":275},"2025-11-29",0.94806,{"date":277,"score":206,"percentile":270},"2025-11-30",{"date":279,"score":280,"percentile":281},"2025-12-01",0.10587,0.93032,{"date":283,"score":280,"percentile":284},"2025-12-02",0.93038,{"date":286,"score":280,"percentile":287},"2025-12-03",0.93041,{"date":289,"score":206,"percentile":275},"2025-12-04",{"date":291,"score":206,"percentile":292},"2025-12-05",0.94809,{"date":294,"score":206,"percentile":295},"2025-12-06",0.94811,{"date":297,"score":206,"percentile":298},"2025-12-07",0.94817,{"date":300,"score":301,"percentile":302},"2025-12-08",0.17186,0.94763,{"date":304,"score":301,"percentile":305},"2025-12-09",0.94767,{"date":307,"score":301,"percentile":308},"2025-12-10",0.94775,{"date":310,"score":301,"percentile":311},"2025-12-11",0.94777,{"date":313,"score":301,"percentile":314},"2025-12-12",0.9478,{"date":316,"score":301,"percentile":317},"2025-12-13",0.94779,{"date":319,"score":301,"percentile":311},"2025-12-14",{"date":321,"score":301,"percentile":322},"2025-12-15",0.94781,{"date":324,"score":301,"percentile":325},"2025-12-16",0.94783,{"date":327,"score":301,"percentile":218},"2025-12-17",{"date":329,"score":301,"percentile":210},"2025-12-18",{"date":331,"score":301,"percentile":207},"2025-12-19",{"date":333,"score":301,"percentile":334},"2025-12-20",0.94789,{"date":336,"score":301,"percentile":215},"2025-12-21",{"date":338,"score":301,"percentile":207},"2025-12-22",{"date":340,"score":301,"percentile":210},"2025-12-23",{"date":342,"score":301,"percentile":343},"2025-12-24",0.94792,{"date":345,"score":301,"percentile":261},"2025-12-25",{"date":347,"score":301,"percentile":348},"2025-12-26",0.94799,{"date":350,"score":351,"percentile":352},"2025-12-27",0.15928,0.94568,{"date":354,"score":301,"percentile":355},"2025-12-28",0.94794,{"date":357,"score":301,"percentile":358},"2025-12-29",0.94795,{"date":360,"score":301,"percentile":253},"2025-12-30",{"date":362,"score":301,"percentile":363},"2025-12-31",0.948,{"date":365,"score":366,"percentile":367},"2026-01-01",0.08474,0.92114,{"date":369,"score":366,"percentile":370},"2026-01-02",0.92112,{"date":372,"score":366,"percentile":373},"2026-01-03",0.92111,{"date":375,"score":376,"percentile":377},"2026-01-04",0.11518,0.9339,{"date":379,"score":376,"percentile":380},"2026-01-05",0.93386,{"date":382,"score":376,"percentile":383},"2026-01-06",0.93388,{"date":385,"score":376,"percentile":383},"2026-01-07",{"date":387,"score":376,"percentile":388},"2026-01-08",0.93391,{"date":390,"score":376,"percentile":391},"2026-01-09",0.93396,{"date":393,"score":376,"percentile":394},"2026-01-10",0.93397,{"date":396,"score":376,"percentile":397},"2026-01-11",0.93395,{"date":399,"score":376,"percentile":400},"2026-01-12",0.93394,{"date":402,"score":376,"percentile":403},"2026-01-13",0.93393,{"date":405,"score":376,"percentile":406},"2026-01-14",0.93402,{"date":408,"score":376,"percentile":406},"2026-01-15",{"date":410,"score":376,"percentile":411},"2026-01-16",0.93407,{"date":413,"score":376,"percentile":414},"2026-01-17",0.93412,{"date":416,"score":376,"percentile":417},"2026-01-18",0.93406,{"date":419,"score":376,"percentile":411},"2026-01-19",{"date":421,"score":376,"percentile":411},"2026-01-20",{"date":423,"score":376,"percentile":424},"2026-01-21",0.93411,{"date":426,"score":376,"percentile":427},"2026-01-22",0.93414,{"date":429,"score":376,"percentile":430},"2026-01-23",0.93417,{"date":432,"score":376,"percentile":433},"2026-01-24",0.93422,{"date":435,"score":376,"percentile":436},"2026-01-25",0.93424,{"date":438,"score":376,"percentile":439},"2026-01-26",0.93426,{"date":441,"score":376,"percentile":442},"2026-01-27",0.93428,{"date":444,"score":376,"percentile":445},"2026-01-28",0.93434,{"date":447,"score":376,"percentile":448},"2026-01-29",0.93433,{"date":450,"score":376,"percentile":448},"2026-01-30",{"date":452,"score":376,"percentile":453},"2026-01-31",0.93435,{"date":455,"score":366,"percentile":456},"2026-02-01",0.92163,[458],{"source":112,"cvss_v2_0":459,"cvss_v3_0":464,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":460,"baseSeverity":9,"vectorString":461,"impactScore":462,"exploitabilityScore":463},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":110,"baseSeverity":465,"vectorString":113,"impactScore":110,"exploitabilityScore":463},"CRITICAL",[467,480,487,495,501],{"ecosystem":9,"name":468,"vendor":469,"product":470,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"ubuntu linux","canonical","ubuntu_linux","o",[473,476,478],{"version":474,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":477,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":479,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":481,"vendor":482,"product":483,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":484},"debian linux","debian","debian_linux",[485],{"version":486,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":488,"vendor":489,"product":490,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":492},"storage automation store","netapp","storage_automation_store","a",[493],{"version":494,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":496,"vendor":497,"product":496,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":498},"leap","opensuse",[499],{"version":500,"is_range":31,"range_type":475,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":502,"vendor":9,"product":502,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":503},"PHP",[504,509,514,518],{"version":505,"is_range":506,"range_type":475,"version_start":9,"version_start_type":9,"version_end":507,"version_end_type":508,"fixed_in":9},"lt5.6.40",true,"5.6.40","excluding",{"version":510,"is_range":506,"range_type":475,"version_start":511,"version_start_type":512,"version_end":513,"version_end_type":508,"fixed_in":9},"gte7.0.0_lt7.1.26","7.0.0","including","7.1.26",{"version":515,"is_range":506,"range_type":475,"version_start":516,"version_start_type":512,"version_end":517,"version_end_type":508,"fixed_in":9},"gte7.2.0_lt7.2.14","7.2.0","7.2.14",{"version":519,"is_range":506,"range_type":475,"version_start":520,"version_start_type":512,"version_end":521,"version_end_type":508,"fixed_in":9},"gte7.3.0_lt7.3.1","7.3.0","7.3.1"]