vulnerability
Amazon Linux AMI: CVE-2019-11034: Security patch for php71, php72, php73 (ALAS-2019-1225)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | Apr 18, 2019 | Jun 14, 2019 | Oct 14, 2022 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
Apr 18, 2019
Added
Jun 14, 2019
Modified
Oct 14, 2022
Description
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Solutions
amazon-linux-upgrade--php72amazon-linux-upgrade--php73amazon-linux-upgrade-php71
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.