Total vulnerabilities in the database
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
| Software | From | Fixed in |
|---|---|---|
| php / php | 7.3.0 | 7.3.16 |
| php / php | 7.2.0 | 7.2.29 |
| php / php | 7.4.0 | 7.4.4 |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 19.10 | 19.10.x |
| canonical / ubuntu_linux | 20.04 | 20.04.x |
| opensuse / leap | 15.1 | 15.1.x |
| tenable / tenable.sc | - | 5.19.0 |