[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-9638":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":33,"duplicate_of":9,"upstream":34,"downstream":35,"duplicates":70,"related":71,"reserved_at":9,"published_at":81,"modified_at":82,"state":83,"summary":84,"references_raw":92,"kevs":158,"epss":159,"epss_history":162,"metrics":406,"affected":416},"CVE-2019-9638","An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_392283FDB7EFFEDB","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=77563","unknown",0.2,false,[],[],[],[36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":37},"SUSE-SU-2019:0988-1",{"_key":39},"SUSE-SU-2019:1325-1",{"_key":41},"SUSE-SU-2019:14013-1",{"_key":43},"SUSE-SU-2019:1461-1",{"_key":45},"SUSE-SU-2022:4067-1",{"_key":47},"OPENSUSE-SU-2019:1572-1",{"_key":49},"OPENSUSE-SU-2019:1573-1",{"_key":51},"OPENSUSE-SU-2024:11167-1",{"_key":53},"OPENSUSE-SU-2024:11169-1",{"_key":55},"RHSA-2020:1624",{"_key":57},"DLA-1741-1",{"_key":59},"DSA-4403-1",{"_key":61},"UBUNTU-CVE-2019-9638",{"_key":63},"USN-3922-1",{"_key":65},"USN-3922-2",{"_key":67},"RHSA-2019:2519",{"_key":69},"RHSA-2019:3299",[],[72,73,74,75,76,77,78,79,80],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},"2019-03-08T23:00:00.000Z","2024-08-04T21:54:45.455Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":85,"epss_score":86,"severity":87,"severity_score":88,"severity_version":89,"severity_source":90,"severity_vector":91,"severity_status":83},"medium",0.15914,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[93,101,108,113,119,123,127,132,137,141,145,149,154],{"url":94,"sources":95,"tags":97},"https://www.debian.org/security/2019/dsa-4403",[96,90],"cve.org",[98,99,100],"Vendor Advisory","X Refsource DEBIAN","Third Party Advisory",{"url":28,"sources":102,"tags":103},[96,90],[104,105,106,107,98],"X Refsource MISC","Exploit","Issue Tracking","Patch",{"url":109,"sources":110,"tags":111},"https://usn.ubuntu.com/3922-1/",[96,90],[98,112,100],"X Refsource UBUNTU",{"url":114,"sources":115,"tags":116},"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",[96,90],[117,118,100],"Mailing List","X Refsource MLIST",{"url":120,"sources":121,"tags":122},"https://usn.ubuntu.com/3922-2/",[96,90],[98,112,100],{"url":124,"sources":125,"tags":126},"https://usn.ubuntu.com/3922-3/",[96,90],[98,112,100],{"url":128,"sources":129,"tags":130},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",[96,90],[98,131,117,100],"X Refsource SUSE",{"url":133,"sources":134,"tags":135},"https://security.netapp.com/advisory/ntap-20190502-0007/",[96,90],[136,107,100],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",[96,90],[98,131,117,100],{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",[96,90],[98,131,117,100],{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",[96,90],[98,131,117,100],{"url":150,"sources":151,"tags":152},"https://access.redhat.com/errata/RHSA-2019:2519",[96,90],[98,153,100],"X Refsource REDHAT",{"url":155,"sources":156,"tags":157},"https://access.redhat.com/errata/RHSA-2019:3299",[96,90],[98,153,100],[],{"date":160,"score":86,"percentile":161},"2026-06-04",0.94879,[163,167,170,172,175,177,180,182,184,187,190,193,196,198,200,204,207,210,213,216,218,221,224,227,230,232,235,238,242,245,248,251,253,255,258,261,264,267,270,273,275,278,281,284,287,290,293,296,299,301,303,305,307,310,314,316,318,321,323,327,330,332,334,337,339,341,344,346,348,350,352,354,356,358,362,365,367,370,372,375,378,381,384,387,390,392,395,398,400,402],{"date":164,"score":165,"percentile":166},"2025-11-04",0.16164,0.9452,{"date":168,"score":165,"percentile":169},"2025-11-05",0.94519,{"date":171,"score":165,"percentile":166},"2025-11-06",{"date":173,"score":165,"percentile":174},"2025-11-07",0.94522,{"date":176,"score":165,"percentile":169},"2025-11-08",{"date":178,"score":165,"percentile":179},"2025-11-09",0.94518,{"date":181,"score":165,"percentile":179},"2025-11-10",{"date":183,"score":165,"percentile":169},"2025-11-11",{"date":185,"score":165,"percentile":186},"2025-11-12",0.94523,{"date":188,"score":165,"percentile":189},"2025-11-13",0.94525,{"date":191,"score":165,"percentile":192},"2025-11-14",0.94527,{"date":194,"score":165,"percentile":195},"2025-11-15",0.94521,{"date":197,"score":165,"percentile":189},"2025-11-16",{"date":199,"score":165,"percentile":189},"2025-11-17",{"date":201,"score":202,"percentile":203},"2025-11-18",0.12098,0.93114,{"date":205,"score":202,"percentile":206},"2025-11-19",0.93118,{"date":208,"score":202,"percentile":209},"2025-11-20",0.93123,{"date":211,"score":165,"percentile":212},"2025-11-21",0.94533,{"date":214,"score":165,"percentile":215},"2025-11-22",0.94531,{"date":217,"score":165,"percentile":212},"2025-11-23",{"date":219,"score":165,"percentile":220},"2025-11-24",0.94535,{"date":222,"score":165,"percentile":223},"2025-11-25",0.94538,{"date":225,"score":165,"percentile":226},"2025-11-26",0.94539,{"date":228,"score":165,"percentile":229},"2025-11-27",0.94542,{"date":231,"score":165,"percentile":226},"2025-11-28",{"date":233,"score":165,"percentile":234},"2025-11-29",0.94543,{"date":236,"score":165,"percentile":237},"2025-11-30",0.94541,{"date":239,"score":240,"percentile":241},"2025-12-01",0.10747,0.93088,{"date":243,"score":240,"percentile":244},"2025-12-02",0.93093,{"date":246,"score":240,"percentile":247},"2025-12-03",0.93096,{"date":249,"score":165,"percentile":250},"2025-12-04",0.94537,{"date":252,"score":165,"percentile":226},"2025-12-05",{"date":254,"score":165,"percentile":226},"2025-12-06",{"date":256,"score":165,"percentile":257},"2025-12-07",0.94545,{"date":259,"score":165,"percentile":260},"2025-12-08",0.94546,{"date":262,"score":165,"percentile":263},"2025-12-09",0.9455,{"date":265,"score":165,"percentile":266},"2025-12-10",0.94557,{"date":268,"score":165,"percentile":269},"2025-12-11",0.9456,{"date":271,"score":165,"percentile":272},"2025-12-12",0.94563,{"date":274,"score":165,"percentile":272},"2025-12-13",{"date":276,"score":165,"percentile":277},"2025-12-14",0.94561,{"date":279,"score":165,"percentile":280},"2025-12-15",0.94565,{"date":282,"score":165,"percentile":283},"2025-12-16",0.94568,{"date":285,"score":165,"percentile":286},"2025-12-17",0.94571,{"date":288,"score":165,"percentile":289},"2025-12-18",0.94574,{"date":291,"score":165,"percentile":292},"2025-12-19",0.94575,{"date":294,"score":165,"percentile":295},"2025-12-20",0.94576,{"date":297,"score":165,"percentile":298},"2025-12-21",0.94578,{"date":300,"score":86,"percentile":186},"2025-12-22",{"date":302,"score":86,"percentile":195},"2025-12-23",{"date":304,"score":86,"percentile":192},"2025-12-24",{"date":306,"score":86,"percentile":220},"2025-12-25",{"date":308,"score":86,"percentile":309},"2025-12-26",0.94534,{"date":311,"score":312,"percentile":313},"2025-12-27",0.08945,0.92347,{"date":315,"score":86,"percentile":215},"2025-12-28",{"date":317,"score":86,"percentile":215},"2025-12-29",{"date":319,"score":86,"percentile":320},"2025-12-30",0.94532,{"date":322,"score":86,"percentile":250},"2025-12-31",{"date":324,"score":325,"percentile":326},"2026-01-01",0.10568,0.93077,{"date":328,"score":325,"percentile":329},"2026-01-02",0.93071,{"date":331,"score":325,"percentile":329},"2026-01-03",{"date":333,"score":86,"percentile":215},"2026-01-04",{"date":335,"score":86,"percentile":336},"2026-01-05",0.94526,{"date":338,"score":86,"percentile":336},"2026-01-06",{"date":340,"score":86,"percentile":336},"2026-01-07",{"date":342,"score":86,"percentile":343},"2026-01-08",0.9453,{"date":345,"score":86,"percentile":320},"2026-01-09",{"date":347,"score":86,"percentile":320},"2026-01-10",{"date":349,"score":86,"percentile":343},"2026-01-11",{"date":351,"score":86,"percentile":192},"2026-01-12",{"date":353,"score":86,"percentile":343},"2026-01-13",{"date":355,"score":86,"percentile":220},"2026-01-14",{"date":357,"score":86,"percentile":220},"2026-01-15",{"date":359,"score":360,"percentile":361},"2026-01-16",0.17415,0.94854,{"date":363,"score":360,"percentile":364},"2026-01-17",0.94855,{"date":366,"score":360,"percentile":361},"2026-01-18",{"date":368,"score":360,"percentile":369},"2026-01-19",0.94851,{"date":371,"score":360,"percentile":364},"2026-01-20",{"date":373,"score":360,"percentile":374},"2026-01-21",0.94857,{"date":376,"score":360,"percentile":377},"2026-01-22",0.94859,{"date":379,"score":360,"percentile":380},"2026-01-23",0.94863,{"date":382,"score":360,"percentile":383},"2026-01-24",0.94868,{"date":385,"score":360,"percentile":386},"2026-01-25",0.94871,{"date":388,"score":360,"percentile":389},"2026-01-26",0.94872,{"date":391,"score":360,"percentile":389},"2026-01-27",{"date":393,"score":360,"percentile":394},"2026-01-28",0.94874,{"date":396,"score":360,"percentile":397},"2026-01-29",0.94877,{"date":399,"score":360,"percentile":397},"2026-01-30",{"date":401,"score":360,"percentile":161},"2026-01-31",{"date":403,"score":404,"percentile":405},"2026-02-01",0.10709,0.93168,[407],{"source":90,"cvss_v2_0":408,"cvss_v3_0":9,"cvss_v3_1":413,"cvss_v4_0":9},{"baseScore":409,"baseSeverity":9,"vectorString":410,"impactScore":411,"exploitabilityScore":412},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":88,"baseSeverity":414,"vectorString":91,"impactScore":415,"exploitabilityScore":412},"HIGH",6,[417,434,443,451,461,478],{"ecosystem":9,"name":418,"vendor":419,"product":420,"cpe_part":421,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":422},"ubuntu linux","canonical","ubuntu_linux","o",[423,426,428,430,432],{"version":424,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":427,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":429,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":431,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":433,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":435,"vendor":436,"product":437,"cpe_part":421,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":438},"debian linux","debian","debian_linux",[439,441],{"version":440,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":442,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":444,"vendor":445,"product":446,"cpe_part":447,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":448},"storage automation store","netapp","storage_automation_store","a",[449],{"version":450,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":452,"vendor":453,"product":452,"cpe_part":421,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":454},"leap","opensuse",[455,457,459],{"version":456,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":458,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":460,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":462,"vendor":9,"product":462,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":463},"PHP",[464,469,474],{"version":465,"is_range":466,"range_type":425,"version_start":9,"version_start_type":9,"version_end":467,"version_end_type":468,"fixed_in":9},"lt7.1.27",true,"7.1.27","excluding",{"version":470,"is_range":466,"range_type":425,"version_start":471,"version_start_type":472,"version_end":473,"version_end_type":468,"fixed_in":9},"gte7.2.0_lt7.2.16","7.2.0","including","7.2.16",{"version":475,"is_range":466,"range_type":425,"version_start":476,"version_start_type":472,"version_end":477,"version_end_type":468,"fixed_in":9},"gte7.3.0_lt7.3.3","7.3.0","7.3.3",{"ecosystem":9,"name":479,"vendor":480,"product":481,"cpe_part":447,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"software collections","redhat","software_collections",[483],{"version":484,"is_range":31,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0"]