[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-9640":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":33,"duplicate_of":9,"upstream":34,"downstream":35,"duplicates":70,"related":71,"reserved_at":9,"published_at":81,"modified_at":82,"state":83,"summary":84,"references_raw":92,"kevs":158,"epss":159,"epss_history":162,"metrics":416,"affected":426},"CVE-2019-9640","An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_5618E365127FD10C","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=77540","unknown",0.2,false,[],[],[],[36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":37},"SUSE-SU-2019:0988-1",{"_key":39},"SUSE-SU-2019:1325-1",{"_key":41},"SUSE-SU-2019:14013-1",{"_key":43},"SUSE-SU-2019:1461-1",{"_key":45},"SUSE-SU-2022:4067-1",{"_key":47},"OPENSUSE-SU-2019:1572-1",{"_key":49},"OPENSUSE-SU-2019:1573-1",{"_key":51},"OPENSUSE-SU-2024:11167-1",{"_key":53},"OPENSUSE-SU-2024:11169-1",{"_key":55},"RHSA-2020:1624",{"_key":57},"DLA-1741-1",{"_key":59},"DSA-4403-1",{"_key":61},"UBUNTU-CVE-2019-9640",{"_key":63},"USN-3922-1",{"_key":65},"USN-3922-2",{"_key":67},"RHSA-2019:2519",{"_key":69},"RHSA-2019:3299",[],[72,73,74,75,76,77,78,79,80],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},"2019-03-08T23:00:00.000Z","2024-08-04T21:54:45.054Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":85,"epss_score":86,"severity":87,"severity_score":88,"severity_version":89,"severity_source":90,"severity_vector":91,"severity_status":83},"medium",0.14105,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[93,101,108,113,119,123,127,132,137,141,145,149,154],{"url":94,"sources":95,"tags":97},"https://www.debian.org/security/2019/dsa-4403",[96,90],"cve.org",[98,99,100],"Vendor Advisory","X Refsource DEBIAN","Third Party Advisory",{"url":28,"sources":102,"tags":103},[96,90],[104,105,106,107,98],"X Refsource MISC","Exploit","Issue Tracking","Patch",{"url":109,"sources":110,"tags":111},"https://usn.ubuntu.com/3922-1/",[96,90],[98,112,100],"X Refsource UBUNTU",{"url":114,"sources":115,"tags":116},"https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",[96,90],[117,118,100],"Mailing List","X Refsource MLIST",{"url":120,"sources":121,"tags":122},"https://usn.ubuntu.com/3922-2/",[96,90],[98,112,100],{"url":124,"sources":125,"tags":126},"https://usn.ubuntu.com/3922-3/",[96,90],[98,112,100],{"url":128,"sources":129,"tags":130},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",[96,90],[98,131,117,100],"X Refsource SUSE",{"url":133,"sources":134,"tags":135},"https://security.netapp.com/advisory/ntap-20190502-0007/",[96,90],[136,107,100],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",[96,90],[98,131,117,100],{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",[96,90],[98,131,117,100],{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",[96,90],[98,131,117,100],{"url":150,"sources":151,"tags":152},"https://access.redhat.com/errata/RHSA-2019:2519",[96,90],[98,153,100],"X Refsource REDHAT",{"url":155,"sources":156,"tags":157},"https://access.redhat.com/errata/RHSA-2019:3299",[96,90],[98,153,100],[],{"date":160,"score":86,"percentile":161},"2026-06-04",0.94491,[163,167,170,173,176,179,182,184,187,190,193,196,199,201,204,208,211,214,217,220,223,226,229,232,235,238,240,242,246,249,252,255,258,260,262,264,267,270,273,276,279,281,283,287,290,293,296,299,302,306,308,311,314,317,321,324,326,329,332,336,339,342,344,347,350,352,354,357,359,361,364,366,368,371,373,376,378,380,382,384,387,390,393,396,399,402,405,408,410,413],{"date":164,"score":165,"percentile":166},"2025-11-04",0.14333,0.94119,{"date":168,"score":165,"percentile":169},"2025-11-05",0.94118,{"date":171,"score":165,"percentile":172},"2025-11-06",0.9412,{"date":174,"score":165,"percentile":175},"2025-11-07",0.94124,{"date":177,"score":165,"percentile":178},"2025-11-08",0.94125,{"date":180,"score":165,"percentile":181},"2025-11-09",0.94122,{"date":183,"score":165,"percentile":175},"2025-11-10",{"date":185,"score":165,"percentile":186},"2025-11-11",0.94126,{"date":188,"score":165,"percentile":189},"2025-11-12",0.94131,{"date":191,"score":165,"percentile":192},"2025-11-13",0.94132,{"date":194,"score":165,"percentile":195},"2025-11-14",0.94134,{"date":197,"score":165,"percentile":198},"2025-11-15",0.94129,{"date":200,"score":165,"percentile":192},"2025-11-16",{"date":202,"score":165,"percentile":203},"2025-11-17",0.9413,{"date":205,"score":206,"percentile":207},"2025-11-18",0.12235,0.93172,{"date":209,"score":206,"percentile":210},"2025-11-19",0.93176,{"date":212,"score":206,"percentile":213},"2025-11-20",0.93181,{"date":215,"score":165,"percentile":216},"2025-11-21",0.94137,{"date":218,"score":165,"percentile":219},"2025-11-22",0.94135,{"date":221,"score":165,"percentile":222},"2025-11-23",0.94138,{"date":224,"score":165,"percentile":225},"2025-11-24",0.94139,{"date":227,"score":165,"percentile":228},"2025-11-25",0.94142,{"date":230,"score":165,"percentile":231},"2025-11-26",0.94143,{"date":233,"score":165,"percentile":234},"2025-11-27",0.94145,{"date":236,"score":165,"percentile":237},"2025-11-28",0.94141,{"date":239,"score":165,"percentile":237},"2025-11-29",{"date":241,"score":165,"percentile":237},"2025-11-30",{"date":243,"score":244,"percentile":245},"2025-12-01",0.08656,0.92144,{"date":247,"score":244,"percentile":248},"2025-12-02",0.92149,{"date":250,"score":244,"percentile":251},"2025-12-03",0.92152,{"date":253,"score":165,"percentile":254},"2025-12-04",0.94136,{"date":256,"score":165,"percentile":257},"2025-12-05",0.9414,{"date":259,"score":165,"percentile":257},"2025-12-06",{"date":261,"score":165,"percentile":222},"2025-12-07",{"date":263,"score":165,"percentile":257},"2025-12-08",{"date":265,"score":165,"percentile":266},"2025-12-09",0.94147,{"date":268,"score":165,"percentile":269},"2025-12-10",0.94155,{"date":271,"score":165,"percentile":272},"2025-12-11",0.94157,{"date":274,"score":165,"percentile":275},"2025-12-12",0.9416,{"date":277,"score":165,"percentile":278},"2025-12-13",0.94158,{"date":280,"score":165,"percentile":272},"2025-12-14",{"date":282,"score":165,"percentile":275},"2025-12-15",{"date":284,"score":285,"percentile":286},"2025-12-16",0.16489,0.94666,{"date":288,"score":285,"percentile":289},"2025-12-17",0.94668,{"date":291,"score":285,"percentile":292},"2025-12-18",0.9467,{"date":294,"score":285,"percentile":295},"2025-12-19",0.94671,{"date":297,"score":285,"percentile":298},"2025-12-20",0.94672,{"date":300,"score":285,"percentile":301},"2025-12-21",0.94673,{"date":303,"score":304,"percentile":305},"2025-12-22",0.16236,0.9459,{"date":307,"score":304,"percentile":305},"2025-12-23",{"date":309,"score":304,"percentile":310},"2025-12-24",0.94596,{"date":312,"score":304,"percentile":313},"2025-12-25",0.94603,{"date":315,"score":304,"percentile":316},"2025-12-26",0.94602,{"date":318,"score":319,"percentile":320},"2025-12-27",0.09145,0.92438,{"date":322,"score":304,"percentile":323},"2025-12-28",0.94597,{"date":325,"score":304,"percentile":323},"2025-12-29",{"date":327,"score":304,"percentile":328},"2025-12-30",0.94598,{"date":330,"score":304,"percentile":331},"2025-12-31",0.94604,{"date":333,"score":334,"percentile":335},"2026-01-01",0.09915,0.92818,{"date":337,"score":334,"percentile":338},"2026-01-02",0.9281,{"date":340,"score":334,"percentile":341},"2026-01-03",0.92809,{"date":343,"score":304,"percentile":323},"2026-01-04",{"date":345,"score":304,"percentile":346},"2026-01-05",0.94593,{"date":348,"score":304,"percentile":349},"2026-01-06",0.94592,{"date":351,"score":304,"percentile":346},"2026-01-07",{"date":353,"score":304,"percentile":328},"2026-01-08",{"date":355,"score":304,"percentile":356},"2026-01-09",0.94599,{"date":358,"score":304,"percentile":356},"2026-01-10",{"date":360,"score":304,"percentile":323},"2026-01-11",{"date":362,"score":304,"percentile":363},"2026-01-12",0.94594,{"date":365,"score":304,"percentile":363},"2026-01-13",{"date":367,"score":304,"percentile":356},"2026-01-14",{"date":369,"score":304,"percentile":370},"2026-01-15",0.946,{"date":372,"score":304,"percentile":313},"2026-01-16",{"date":374,"score":304,"percentile":375},"2026-01-17",0.94605,{"date":377,"score":304,"percentile":316},"2026-01-18",{"date":379,"score":304,"percentile":328},"2026-01-19",{"date":381,"score":304,"percentile":331},"2026-01-20",{"date":383,"score":304,"percentile":375},"2026-01-21",{"date":385,"score":304,"percentile":386},"2026-01-22",0.94607,{"date":388,"score":304,"percentile":389},"2026-01-23",0.94613,{"date":391,"score":304,"percentile":392},"2026-01-24",0.94617,{"date":394,"score":304,"percentile":395},"2026-01-25",0.94618,{"date":397,"score":304,"percentile":398},"2026-01-26",0.94621,{"date":400,"score":304,"percentile":401},"2026-01-27",0.9462,{"date":403,"score":304,"percentile":404},"2026-01-28",0.94622,{"date":406,"score":304,"percentile":407},"2026-01-29",0.94624,{"date":409,"score":304,"percentile":407},"2026-01-30",{"date":411,"score":304,"percentile":412},"2026-01-31",0.94627,{"date":414,"score":334,"percentile":415},"2026-02-01",0.92852,[417],{"source":90,"cvss_v2_0":418,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":419,"baseSeverity":9,"vectorString":420,"impactScore":421,"exploitabilityScore":422},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":88,"baseSeverity":424,"vectorString":91,"impactScore":425,"exploitabilityScore":422},"HIGH",6,[427,444,453,461,471,489],{"ecosystem":9,"name":428,"vendor":429,"product":430,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"ubuntu linux","canonical","ubuntu_linux","o",[433,436,438,440,442],{"version":434,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":437,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":439,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":441,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":443,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":445,"vendor":446,"product":447,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":448},"debian linux","debian","debian_linux",[449,451],{"version":450,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":452,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":454,"vendor":455,"product":456,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":458},"storage automation store","netapp","storage_automation_store","a",[459],{"version":460,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":462,"vendor":463,"product":462,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":464},"leap","opensuse",[465,467,469],{"version":466,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":468,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":470,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":472,"vendor":9,"product":472,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":473},"PHP",[474,481,485],{"version":475,"is_range":476,"range_type":435,"version_start":477,"version_start_type":478,"version_end":479,"version_end_type":480,"fixed_in":9},"gte7.1.0_lt7.1.27",true,"7.1.0","including","7.1.27","excluding",{"version":482,"is_range":476,"range_type":435,"version_start":483,"version_start_type":478,"version_end":484,"version_end_type":480,"fixed_in":9},"gte7.2.0_lt7.2.16","7.2.0","7.2.16",{"version":486,"is_range":476,"range_type":435,"version_start":487,"version_start_type":478,"version_end":488,"version_end_type":480,"fixed_in":9},"gte7.3.0_lt7.3.3","7.3.0","7.3.3",{"ecosystem":9,"name":490,"vendor":491,"product":492,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":493},"software collections","redhat","software_collections",[494],{"version":495,"is_range":31,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0"]