Description
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Remediation
References
Related Vulnerabilities
WordPress Plugin Woocommerce Categories in gallery format Cross-Site Scripting (1.0.1)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7330)
Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)
WordPress Plugin WooCommerce BuddyPress Integration Unspecified Vulnerability (3.2.6.1)
WordPress Plugin Chained Quiz Multiple Cross-Site Scripting Vulnerabilities (0.9.8)