National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:php:php:7.1.2
There are 67 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-11043

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

Published: October 28, 2019; 11:15:13 AM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

Published: August 09, 2019; 04:15:11 PM -04:00
V3.1: 7.1 HIGH
    V2: 5.8 MEDIUM
CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

Published: August 09, 2019; 04:15:11 PM -04:00
V3.1: 7.1 HIGH
    V2: 5.8 MEDIUM
CVE-2019-11040

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

Published: June 18, 2019; 08:15:12 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-11039

Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.

Published: June 18, 2019; 08:15:12 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-11038

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

Published: June 18, 2019; 08:15:12 PM -04:00
V3.0: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-11036

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

Published: May 03, 2019; 04:29:00 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-11035

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

Published: April 18, 2019; 01:29:00 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-11034

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

Published: April 18, 2019; 01:29:00 PM -04:00
V3.0: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2019-9675

** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible."

Published: March 11, 2019; 07:29:12 AM -04:00
V3.0: 8.1 HIGH
    V2: 6.8 MEDIUM
CVE-2019-9641

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

Published: March 08, 2019; 07:29:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-9640

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.

Published: March 08, 2019; 07:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9639

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

Published: March 08, 2019; 07:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9638

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.

Published: March 08, 2019; 07:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9637

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

Published: March 08, 2019; 07:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9024

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.

Published: February 22, 2019; 06:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9023

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.

Published: February 22, 2019; 06:29:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries.

Published: February 22, 2019; 06:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9021

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.

Published: February 22, 2019; 06:29:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-9020

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.

Published: February 22, 2019; 06:29:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH