vulnerability
Ubuntu: (Multiple Advisories) (CVE-2019-11036): PHP vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | May 3, 2019 | May 23, 2019 | Nov 27, 2024 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
May 3, 2019
Added
May 23, 2019
Modified
Nov 27, 2024
Description
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Solution(s)
ubuntu-pro-upgrade-libapache2-mod-php5ubuntu-pro-upgrade-libapache2-mod-php7-0ubuntu-pro-upgrade-libapache2-mod-php7-2ubuntu-pro-upgrade-php5-cgiubuntu-pro-upgrade-php5-cliubuntu-pro-upgrade-php5-fpmubuntu-pro-upgrade-php7-0-cgiubuntu-pro-upgrade-php7-0-cliubuntu-pro-upgrade-php7-0-fpmubuntu-pro-upgrade-php7-2-cgiubuntu-pro-upgrade-php7-2-cliubuntu-pro-upgrade-php7-2-fpm
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.