CVE-2020-7064
Use-of-uninitialized-value in exifIn PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
We have discovered 615,085 live websites that are affected by CVE-2020-7064.
Contact us to get more info
Affected Software
| |
---|
Product | PHP |
Category | Programming Languages |
Vulnerable Versions | - from 7.2 before 7.2.29
- from 7.3 before 7.3.16
- from 7.4 before 7.4.4
|
Total Vulnerable Versions | 507 |
Vulnerable Domains | 615,085 live websites (5.08% of PHP install base) |
Common Weakness Enumeration
CWE-125 Out-of-bounds Read
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2020-7064 and the relative popularity of websites