CVE-2019-11038 — Vulnetix

CVE-2019-11038 PUBLISHED

EPSS 10.54% · 93.4th percentile

Risk Scores

EPSS Score

10.54%

93.4th percentile

Affected Products

Vendor	Product	Versions
Amazon	php71, php72, php73

Exploit Intelligence

https://bugzilla.redhat.com/show_bug.cgi?id=1724149 (nist-nvd)
https://bugzilla.redhat.com/show_bug.cgi?id=1724432 (nist-nvd)
https://bugzilla.suse.com/show_bug.cgi?id=1140118 (nist-nvd)
https://bugzilla.suse.com/show_bug.cgi?id=1140120 (nist-nvd)
https://github.com/libgd/libgd/issues/501 (nist-nvd)
Uninitialized read in gdImageCreateFromXbm (hackerone)
Uninitialized read in gdImageCreateFromXbm (hackerone)
Uninitialized read in gdImageCreateFromXbm (hackerone)

Timeline

CVE Published
Oct 10, 2020 PoC Published
Apr 14, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Mar 17, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Apr 5, 2025 EPSS Score
Apr 6, 2025 EPSS Score
May 4, 2025 EPSS Score
May 10, 2025 EPSS Score
Jun 5, 2025 EPSS Score

References

ALAS-2019-1240: php71, php72, php73 (medium) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›