{"containers": {"cna": {"affected": [{"product": "PHP", "vendor": "PHP Group", "versions": [{"status": "affected", "version": "7.1.x below 7.1.31"}, {"status": "affected", "version": "7.2.x below 7.2.21"}, {"status": "affected", "version": "7.3.x below 7.3.8"}]}], "credits": [{"lang": "en", "value": "By orestiskourides at gmail dot com"}], "datePublic": "2019-07-30T00:00:00", "descriptions": [{"lang": "en", "value": "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-22T17:06:35", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.php.net/bug.php?id=78222"}, {"name": "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html"}, {"name": "USN-4097-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4097-2/"}, {"name": "USN-4097-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4097-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190822-0003/"}, {"name": "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Sep/35"}, {"name": "DSA-4527", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4527"}, {"name": "DSA-4529", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4529"}, {"name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Sep/38"}, {"name": "openSUSE-SU-2019:2271", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT210634"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Oct/9"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2019/Oct/15"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT210722"}, {"name": "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2019/Oct/55"}, {"name": "RHSA-2019:3299", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3299"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2021-14"}], "source": {"defect": ["https://bugs.php.net/bug.php?id=78222"], "discovery": "EXTERNAL"}, "title": "heap-buffer-overflow on exif_scan_thumbnail in EXIF extension", "x_generator": {"engine": "Vulnogram 0.0.7"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "security@php.net", "DATE_PUBLIC": "2019-07-30T03:21:00.000Z", "ID": "CVE-2019-11041", "STATE": "PUBLIC", "TITLE": "heap-buffer-overflow on exif_scan_thumbnail in EXIF extension"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PHP", "version": {"version_data": [{"version_value": "7.1.x below 7.1.31"}, {"version_value": "7.2.x below 7.2.21"}, {"version_value": "7.3.x below 7.3.8"}]}}]}, "vendor_name": "PHP Group"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "By orestiskourides at gmail dot com"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.7"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-125 Out-of-bounds Read"}]}]}, "references": {"reference_data": [{"name": "https://bugs.php.net/bug.php?id=78222", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=78222"}, {"name": "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html"}, {"name": "USN-4097-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4097-2/"}, {"name": "USN-4097-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4097-1/"}, {"name": "https://security.netapp.com/advisory/ntap-20190822-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190822-0003/"}, {"name": "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/35"}, {"name": "DSA-4527", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4527"}, {"name": "DSA-4529", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4529"}, {"name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/38"}, {"name": "openSUSE-SU-2019:2271", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html"}, {"name": "https://support.apple.com/kb/HT210634", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT210634"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Oct/9"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Oct/15"}, {"name": "https://support.apple.com/kb/HT210722", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT210722"}, {"name": "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Oct/55"}, {"name": "RHSA-2019:3299", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3299"}, {"name": "https://www.tenable.com/security/tns-2021-14", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-14"}]}, "solution": [], "source": {"advisory": "", "defect": ["https://bugs.php.net/bug.php?id=78222"], "discovery": "EXTERNAL"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:40:15.996Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.php.net/bug.php?id=78222"}, {"name": "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html"}, {"name": "USN-4097-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4097-2/"}, {"name": "USN-4097-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4097-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190822-0003/"}, {"name": "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Sep/35"}, {"name": "DSA-4527", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4527"}, {"name": "DSA-4529", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4529"}, {"name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Sep/38"}, {"name": "openSUSE-SU-2019:2271", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/kb/HT210634"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Oct/9"}, {"name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2019/Oct/15"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/kb/HT210722"}, {"name": "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2019/Oct/55"}, {"name": "RHSA-2019:3299", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3299"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2021-14"}]}]}, "cveMetadata": {"assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2019-11041", "datePublished": "2019-08-09T19:26:34.152284Z", "dateReserved": "2019-04-09T00:00:00", "dateUpdated": "2024-09-16T19:31:07.181Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB562D9A-1014-4E8B-9C23-D27AE0804D37", "versionEndExcluding": "7.1.31", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "C12FECEA-A926-4C57-B65F-6815A6A091A9", "versionEndExcluding": "7.2.21", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "76D1A2A9-CDA6-40AF-81C5-684FBCE2CC93", "versionEndExcluding": "7.3.8", "versionStartIncluding": "7.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "E773457A-E670-4DDA-86E2-0923C1DCD9BA", "versionEndExcluding": "10.15.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D7EE4B6-A6EC-4B9B-91DF-79615796673F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", "matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF", "versionEndExcluding": "5.19.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}, {"lang": "es", "value": "Cuando la extensi\u00f3n EXIF de PHP est\u00e1 analizando informaci\u00f3n EXIF de una imagen, p.ej. por medio de la funci\u00f3n exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x anteriores a 7.2.21 y versiones 7.3.x anteriores a 7.3.8, es posible suministrarle datos que causar\u00e1 que se lea m\u00e1s all\u00e1 del b\u00fafer asignado. Esto puede conllevar a la divulgaci\u00f3n de informaci\u00f3n o bloqueo."}], "id": "CVE-2019-11041", "lastModified": "2024-11-21T04:20:25.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "security@php.net", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-09T20:15:11.050", "references": [{"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Oct/15"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Oct/55"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3299"}, {"source": "security@php.net", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=78222"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Oct/9"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Sep/35"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Sep/38"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20190822-0003/"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT210634"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT210722"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4097-1/"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4097-2/"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4527"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4529"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Oct/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Oct/55"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3299"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=78222"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Oct/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Sep/35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Sep/38"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20190822-0003/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT210634"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT210722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4097-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4097-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4527"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4529"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-14"}], "sourceIdentifier": "security@php.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security@php.net", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:1624", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "php:7.2-8020020191108065827.2c7ca891", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-28T00:00:00Z"}, {"advisory": "RHSA-2020:3662", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "php:7.3-8020020200715124551.ceb1cf90", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-09-08T00:00:00Z"}, {"advisory": "RHSA-2019:3299", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php72-php-0:7.2.24-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2019-11-01T00:00:00Z"}, {"advisory": "RHSA-2019:3299", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php72-php-0:7.2.24-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2019-11-01T00:00:00Z"}, {"advisory": "RHSA-2019:3299", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php72-php-0:7.2.24-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2019-11-01T00:00:00Z"}, {"advisory": "RHSA-2019:3299", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-php72-php-0:7.2.24-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2019-11-01T00:00:00Z"}], "bugzilla": {"description": "php: Heap buffer over-read in exif_scan_thumbnail()", "id": "1739459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739459"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.7", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-120", "details": ["When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."], "name": "CVE-2019-11041", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "php53", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "php", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Fix deferred", "package_name": "rh-php70-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Out of support scope", "package_name": "rh-php71-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-php73-php", "product_name": "Red Hat Software Collections"}], "public_date": "2019-08-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-11041\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11041"], "threat_severity": "Low"}