VYPR
Unrated severityNVD Advisory· Published Apr 18, 2019· Updated Sep 17, 2024

Heap over-read in PHP EXIF extension

CVE-2019-11035

Description

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

63

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.