CVE-2018-14883 — Vulnetix

CVE-2018-14883 PUBLISHED

EPSS 21.49% · 95.8th percentile

Risk Scores

EPSS Score

21.49%

95.8th percentile

Affected Products

Vendor	Product	Versions
Amazon	php72
Amazon	php56, php70, php71

Exploit Intelligence

https://bugs.php.net/bug.php?id=76423 (nist-nvd)
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c (hackerone)
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c (hackerone)
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c (hackerone)
cve_db.json (github-poc)
cve_db.json (github-poc)
cve_db.json (github-poc)
cve_db.json (github-poc)
cve_db.json (github-poc)
cve_db.json (github-poc)

Timeline

CVE Published
Oct 21, 2019 PoC Published
Apr 14, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Mar 17, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
May 4, 2025 EPSS Score
Jun 1, 2025 EPSS Score
Jun 4, 2025 EPSS Score
Jul 1, 2025 EPSS Score
Jul 4, 2025 EPSS Score

References

ALAS-2018-1067: php72 (medium) advisory
ALAS-2018-1066: php56, php70, php71 (low) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›