{"api_version":"1","generated_at":"2026-04-23T02:36:01+00:00","cve":"CVE-2019-11047","urls":{"html":"https://cve.report/CVE-2019-11047","api":"https://cve.report/api/cve/CVE-2019-11047.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-11047","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-11047"},"summary":{"title":"CVE-2019-11047","description":"When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.","state":"PUBLIC","assigner":"security@php.net","published_at":"2019-12-23 03:15:00","updated_at":"2023-11-07 03:02:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/","name":"FEDORA-2019-a54a622670","refsource":"FEDORA","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 31 Update: php-7.3.13-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2020/Feb/27","name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: [SECURITY] [DSA 4626-1] php7.3 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html","name":"[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] [DLA 2050-1] php5 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.php.net/bug.php?id=78910","name":"https://bugs.php.net/bug.php?id=78910","refsource":"MISC","tags":["Exploit","Patch","Vendor Advisory"],"title":"PHP :: Sec Bug #78910 :: Heap-buffer-overflow READ in exif","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/","name":"FEDORA-2019-437d94e271","refsource":"","tags":[],"title":"[SECURITY] Fedora 30 Update: php-7.3.13-1.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.tenable.com/security/tns-2021-14","name":"https://www.tenable.com/security/tns-2021-14","refsource":"CONFIRM","tags":[],"title":"[R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2020/dsa-4628","name":"DSA-4628","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4628-1 php7.0","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2020/dsa-4626","name":"DSA-4626","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4626-1 php7.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/","name":"FEDORA-2019-437d94e271","refsource":"FEDORA","tags":["Third Party Advisory"],"title":"[SECURITY] Fedora 30 Update: php-7.3.13-1.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html","name":"openSUSE-SU-2020:0080","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2020:0080-1: moderate: Security update f","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2021/Jan/3","name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2020/Feb/31","name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: [SECURITY] [DSA 4628-1] php7.0 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/4239-1/","name":"USN-4239-1","refsource":"UBUNTU","tags":[],"title":"USN-4239-1: PHP vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/","name":"FEDORA-2019-a54a622670","refsource":"","tags":[],"title":"[SECURITY] Fedora 31 Update: php-7.3.13-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20200103-0002/","name":"https://security.netapp.com/advisory/ntap-20200103-0002/","refsource":"CONFIRM","tags":["Third Party Advisory"],"title":"December 2019 PHP Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-11047","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11047","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19044","lang":""}],"nvd_cpes":[{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"19.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"19.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"31","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"30","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"31","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"7.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"7.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"7.2.26","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11047","vulnerable":"1","versionEndIncluding":"7.3.13","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-11047","qid":"296076","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 19.3.0 Missing (CPUJAN2020)"},{"cve":"CVE-2019-11047","qid":"501134","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2019-11047","qid":"752878","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)"},{"cve":"CVE-2019-11047","qid":"940250","title":"AlmaLinux Security Update for php:7.3 (ALSA-2020:3662)"},{"cve":"CVE-2019-11047","qid":"960421","title":"Rocky Linux Security Update for php:7.3 (RLSA-2020:3662)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@php.net","DATE_PUBLIC":"2019-12-17T03:02:00.000Z","ID":"CVE-2019-11047","STATE":"PUBLIC","TITLE":"Heap-buffer-overflow READ in exif"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_affected":"<","version_name":"7.2.x","version_value":"7.2.26"},{"version_affected":"<","version_name":"7.3.x","version_value":"7.3.13"},{"version_affected":"<","version_name":"7.4.x","version_value":"7.4.1"}]}}]},"vendor_name":"PHP Group"}]}},"credit":[{"lang":"eng","value":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19044"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-125 Out-of-bounds Read"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://bugs.php.net/bug.php?id=78910","name":"https://bugs.php.net/bug.php?id=78910"},{"refsource":"MLIST","name":"[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update","url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20200103-0002/","url":"https://security.netapp.com/advisory/ntap-20200103-0002/"},{"refsource":"FEDORA","name":"FEDORA-2019-437d94e271","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/"},{"refsource":"FEDORA","name":"FEDORA-2019-a54a622670","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/"},{"refsource":"UBUNTU","name":"USN-4239-1","url":"https://usn.ubuntu.com/4239-1/"},{"refsource":"SUSE","name":"openSUSE-SU-2020:0080","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html"},{"refsource":"BUGTRAQ","name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","url":"https://seclists.org/bugtraq/2020/Feb/27"},{"refsource":"DEBIAN","name":"DSA-4626","url":"https://www.debian.org/security/2020/dsa-4626"},{"refsource":"DEBIAN","name":"DSA-4628","url":"https://www.debian.org/security/2020/dsa-4628"},{"refsource":"BUGTRAQ","name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","url":"https://seclists.org/bugtraq/2020/Feb/31"},{"refsource":"BUGTRAQ","name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","url":"https://seclists.org/bugtraq/2021/Jan/3"},{"refsource":"CONFIRM","name":"https://www.tenable.com/security/tns-2021-14","url":"https://www.tenable.com/security/tns-2021-14"}]},"source":{"defect":["https://bugs.php.net/bug.php?id=78910"],"discovery":"INTERNAL"}},"nvd":{"publishedDate":"2019-12-23 03:15:00","lastModifiedDate":"2023-11-07 03:02:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":2.5},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":6.4},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:7.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.26","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.3.13","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"11047","Ordinal":"149328","Title":"CVE-2019-11047","CVE":"CVE-2019-11047","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"11047","Ordinal":"1","NoteData":"When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"11047","Ordinal":"2","NoteData":"2019-12-22","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"11047","Ordinal":"3","NoteData":"2021-07-22","Type":"Other","Title":"Modified"}]}}}