vulnerability
Amazon Linux AMI: CVE-2019-11036: Security patch for php71, php72, php73 (ALAS-2019-1225)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | May 3, 2019 | Jun 14, 2019 | Oct 14, 2022 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
May 3, 2019
Added
Jun 14, 2019
Modified
Oct 14, 2022
Description
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Solutions
amazon-linux-upgrade--php72amazon-linux-upgrade--php73amazon-linux-upgrade-php71
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.