VDB
CVE-2019-11041
CVE-2019-11041
PUBLISHED
EPSS 3.21% · 87.3th percentile
Risk Scores
EPSS Score
3.21%
87.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | php72 | |
| Amazon | php71, php73 |
Exploit Intelligence
- https://bugs.php.net/bug.php?id=78222 (nist-nvd)
- Out of Bounds Memory Read in exif_scan_thumbnail (hackerone)
- Out of Bounds Memory Read in exif_scan_thumbnail (hackerone)
- Out of Bounds Memory Read in exif_scan_thumbnail (hackerone)
- phuip-fpizdam.yara (github-yara)
- phuip-fpizdam.yara (github-yara)
- phuip-fpizdam.yara (github-yara)
- phuip-fpizdam.yara (github-yara)
- phuip-fpizdam.yara (github-yara)
- phuip-fpizdam.yara (github-yara)
…and 2 more exploits
Timeline
- CVE Published
- Nov 9, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Oct 21, 2023 PoC Published
- Mar 17, 2025 EPSS Score
- Mar 18, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Apr 1, 2025 EPSS Score
- Apr 2, 2025 EPSS Score
- Apr 10, 2025 EPSS Score
References
- ALAS-2019-1284: php72 (low) advisory
- ALAS-2019-1283: php71, php73 (low) advisory