MGASA-2019-0412

Advisory lineage Upstream: 5 Downstream: 0

Upstream

CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11049 CVE-2019-11050

Published: 25 Dec 2019, 19:08

Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Dec 2019, 19:08

Published

Vulnerability first disclosed

16 Apr 2026, 04:26

Last Modified

Vulnerability information updated

Description

Updated php packages fix security vulnerabilities Updated php packages fix security vulnerabilities: DirectoryIterator class silently truncates after a null byte (CVE-2019-11045). Buffer underflow in bc_shift_addsub). (CVE-2019-11046) Heap-buffer-overflow READ in exif. (CVE-2019-11047) mail() may release string with refcount==1 twice. (CVE-2019-11049) Use-after-free in exif parsing under memory sanitizer). (CVE-2019-11050) For other fixes, see the referenced changelog.

Affected Systems

mageia•php
< 7.3.13-1.mga7

MGASA-2019-0412

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)