CLSA-2026-1776879963

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1776879963.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1776879963

Upstream

CVE-2019-11034

CVE-2019-11035

CVE-2019-11036

CVE-2019-11040

CVE-2019-13224

CVE-2019-9020

CVE-2019-9021

CVE-2019-9023

CVE-2019-9641

Published

2026-04-22T17:46:08Z

Modified

2026-05-29T01:35:30.117741554Z

Summary

php: Fix of 9 CVEs

Details

CVE-2019-9020: fix heap out-of-bounds read in xmlrpc_decode()
CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext
CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions
CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF
CVE-2019-11034: fix heap-buffer-overflow in exifprocessIFDinMAKERNOTE
CVE-2019-11035: fix heap-buffer-overflow in exifiifadd_value
CVE-2019-11036: fix heap-buffer-overflow in exifprocessIFD_TAG
CVE-2019-11040: fix heap-buffer-overflow on phpjpgget16
CVE-2019-13224: do not allow different encodings for onignewdeluxe()

References

https://errata.tuxcare.com/els_os/oraclelinux6els/CLSA-2026-1776879963.html

Affected packages