[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2019:1573-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":46,"duplicates":47,"related":48,"reserved_at":9,"published_at":65,"modified_at":66,"state":9,"summary":67,"references_raw":69,"kevs":214,"epss":9,"epss_history":215,"metrics":216,"affected":217},"OPENSUSE-SU-2019:1573-1","Security update for php7\n\nThis update for php7 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892).\n- CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886).\n- CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889).\n- CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887).\n- CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).\n- CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS server to make PHP misuse memcpy (bsc#1126827).\n- CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server\n  to cause memory read outside the allocated areas (bsc#1126821).\n- CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711).\n- CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which could allow an attacker to read\n  allocated and unallocated memory when parsing a phar file (bsc#1127122).\n- CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR reading functions which could allow an\n  attacker to read allocated and unallocated memory when parsing a phar file (bsc#1126713).\n- CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823).\n- CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation\n  of rename function (bsc#1128722).\n- CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be triggered \n  via an empty string in the message argument to imap_mail (bsc#1118832).\n- CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838).\n- CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837).\n- CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322).\n\nOther issue addressed:   \n\n- Deleted README.default_socket_timeout which is not needed anymore (bsc#1129032).\n- Enabled php7 testsuite (bsc#1119396).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44],{"_key":15},"CVE-2018-19935",{"_key":17},"CVE-2018-20783",{"_key":19},"CVE-2019-11034",{"_key":21},"CVE-2019-11035",{"_key":23},"CVE-2019-11036",{"_key":25},"CVE-2019-9020",{"_key":27},"CVE-2019-9021",{"_key":29},"CVE-2019-9022",{"_key":31},"CVE-2019-9023",{"_key":33},"CVE-2019-9024",{"_key":35},"CVE-2019-9637",{"_key":37},"CVE-2019-9638",{"_key":39},"CVE-2019-9639",{"_key":41},"CVE-2019-9640",{"_key":43},"CVE-2019-9641",{"_key":45},"CVE-2019-9675",[],[],[49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},"2019-06-18T11:38:13Z","2026-02-04T02:13:09.997420Z",{"cisa_kev":68,"cisa_ransomware":68,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[70,76,81,85,89,93,97,101,105,109,113,117,121,125,129,133,137,141,145,149,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210],{"url":71,"sources":72,"tags":74},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZGSTORTRYTIVYMVFOFYRIJIMKYXZ32T/#BZGSTORTRYTIVYMVFOFYRIJIMKYXZ32T",[73],"osv_opensuse",[75],"Advisory",{"url":77,"sources":78,"tags":79},"https://bugzilla.suse.com/1118832",[73],[80],"REPORT",{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/1119396",[73],[80],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1126711",[73],[80],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/1126713",[73],[80],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/1126821",[73],[80],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/1126823",[73],[80],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/1126827",[73],[80],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/1127122",[73],[80],{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/1128722",[73],[80],{"url":114,"sources":115,"tags":116},"https://bugzilla.suse.com/1128883",[73],[80],{"url":118,"sources":119,"tags":120},"https://bugzilla.suse.com/1128886",[73],[80],{"url":122,"sources":123,"tags":124},"https://bugzilla.suse.com/1128887",[73],[80],{"url":126,"sources":127,"tags":128},"https://bugzilla.suse.com/1128889",[73],[80],{"url":130,"sources":131,"tags":132},"https://bugzilla.suse.com/1128892",[73],[80],{"url":134,"sources":135,"tags":136},"https://bugzilla.suse.com/1129032",[73],[80],{"url":138,"sources":139,"tags":140},"https://bugzilla.suse.com/1132837",[73],[80],{"url":142,"sources":143,"tags":144},"https://bugzilla.suse.com/1132838",[73],[80],{"url":146,"sources":147,"tags":148},"https://bugzilla.suse.com/1134322",[73],[80],{"url":150,"sources":151,"tags":152},"https://www.suse.com/security/cve/CVE-2018-19935",[73],[153],"WEB",{"url":155,"sources":156,"tags":157},"https://www.suse.com/security/cve/CVE-2018-20783",[73],[153],{"url":159,"sources":160,"tags":161},"https://www.suse.com/security/cve/CVE-2019-11034",[73],[153],{"url":163,"sources":164,"tags":165},"https://www.suse.com/security/cve/CVE-2019-11035",[73],[153],{"url":167,"sources":168,"tags":169},"https://www.suse.com/security/cve/CVE-2019-11036",[73],[153],{"url":171,"sources":172,"tags":173},"https://www.suse.com/security/cve/CVE-2019-9020",[73],[153],{"url":175,"sources":176,"tags":177},"https://www.suse.com/security/cve/CVE-2019-9021",[73],[153],{"url":179,"sources":180,"tags":181},"https://www.suse.com/security/cve/CVE-2019-9022",[73],[153],{"url":183,"sources":184,"tags":185},"https://www.suse.com/security/cve/CVE-2019-9023",[73],[153],{"url":187,"sources":188,"tags":189},"https://www.suse.com/security/cve/CVE-2019-9024",[73],[153],{"url":191,"sources":192,"tags":193},"https://www.suse.com/security/cve/CVE-2019-9637",[73],[153],{"url":195,"sources":196,"tags":197},"https://www.suse.com/security/cve/CVE-2019-9638",[73],[153],{"url":199,"sources":200,"tags":201},"https://www.suse.com/security/cve/CVE-2019-9639",[73],[153],{"url":203,"sources":204,"tags":205},"https://www.suse.com/security/cve/CVE-2019-9640",[73],[153],{"url":207,"sources":208,"tags":209},"https://www.suse.com/security/cve/CVE-2019-9641",[73],[153],{"url":211,"sources":212,"tags":213},"https://www.suse.com/security/cve/CVE-2019-9675",[73],[153],[],[],[],[218],{"ecosystem":219,"name":220,"vendor":221,"product":222,"cpe_part":9,"purl_type":223,"purl_namespace":221,"purl_name":222,"source":9,"versions":224},"openSUSE","php7","opensuse","php7&distro=openSUSE Leap 15.0","rpm",[225],{"version":226,"is_range":227,"range_type":228,"version_start":9,"version_start_type":9,"version_end":229,"version_end_type":230,"fixed_in":9},"lt7_2_5_lp150_2_19_1",true,"ecosystem","7.2.5-lp150.2.19.1","excluding"]