PHP versions 7.2.x below 7.2.9 Out-of-bounds Read Vulnerability
A one byte out-of-bounds read, which could potentially lead to information disclosure or crash.
The information has been provided by Thorsten Alteholz
The original article can be found at:https://bugs.php.net/bug.php?id=79282
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
PHP versions 7.2.x below 7.2.9
PHP versions 7.3.x below 7.3.16
PHP versions 7.4.x below 7.4.34