ID AKB:0ABCCCB8-7FD1-4E6E-8A71-8BE70037381A
Type attackerkb
Reporter AttackerKB
Modified 2020-09-09T00:00:00


In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0