What is CVE-2019-9641?

CVE-2019-9641 is a vulnerability in N/a. Published 2019-03-08.

Is CVE-2019-9641 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-9641

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

EPSS: 0.521 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

DSA-4403 (vendor-advisory, x_refsource_DEBIAN)
bugs.php.net/bug.php (x_refsource_MISC)
USN-3922-1 (vendor-advisory, x_refsource_UBUNTU)
[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update (mailing-list, x_refsource_MLIST)
USN-3922-2 (vendor-advisory, x_refsource_UBUNTU)
openSUSE-SU-2019:1256 (vendor-advisory, x_refsource_SUSE)
USN-3922-3 (vendor-advisory, x_refsource_UBUNTU)
openSUSE-SU-2019:1293 (vendor-advisory, x_refsource_SUSE)
security.netapp.com/advisory/ntap-20190502-0007/ (x_refsource_CONFIRM)
openSUSE-SU-2019:1572 (vendor-advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2019-9641?: CVE-2019-9641 is a vulnerability in N/a. Published 2019-03-08.
Is CVE-2019-9641 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.