Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-11038

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.2%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 5.0
References
Products affected by CVE-2019-11038
  • Libgd » Libgd » Version: 2.2.5
    cpe:2.3:a:libgd:libgd:2.2.5
  • Php » Php » Version: 7.1.0
    cpe:2.3:a:php:php:7.1.0
  • Php » Php » Version: 7.1.1
    cpe:2.3:a:php:php:7.1.1
  • Php » Php » Version: 7.1.10
    cpe:2.3:a:php:php:7.1.10
  • Php » Php » Version: 7.1.11
    cpe:2.3:a:php:php:7.1.11
  • Php » Php » Version: 7.1.12
    cpe:2.3:a:php:php:7.1.12
  • Php » Php » Version: 7.1.13
    cpe:2.3:a:php:php:7.1.13
  • Php » Php » Version: 7.1.14
    cpe:2.3:a:php:php:7.1.14
  • Php » Php » Version: 7.1.15
    cpe:2.3:a:php:php:7.1.15
  • Php » Php » Version: 7.1.16
    cpe:2.3:a:php:php:7.1.16
  • Php » Php » Version: 7.1.17
    cpe:2.3:a:php:php:7.1.17
  • Php » Php » Version: 7.1.18
    cpe:2.3:a:php:php:7.1.18
  • Php » Php » Version: 7.1.19
    cpe:2.3:a:php:php:7.1.19
  • Php » Php » Version: 7.1.2
    cpe:2.3:a:php:php:7.1.2
  • Php » Php » Version: 7.1.20
    cpe:2.3:a:php:php:7.1.20
  • Php » Php » Version: 7.1.21
    cpe:2.3:a:php:php:7.1.21
  • Php » Php » Version: 7.1.22
    cpe:2.3:a:php:php:7.1.22
  • Php » Php » Version: 7.1.23
    cpe:2.3:a:php:php:7.1.23
  • Php » Php » Version: 7.1.24
    cpe:2.3:a:php:php:7.1.24
  • Php » Php » Version: 7.1.25
    cpe:2.3:a:php:php:7.1.25
  • Php » Php » Version: 7.1.26
    cpe:2.3:a:php:php:7.1.26
  • Php » Php » Version: 7.1.27
    cpe:2.3:a:php:php:7.1.27
  • Php » Php » Version: 7.1.28
    cpe:2.3:a:php:php:7.1.28
  • Php » Php » Version: 7.1.29
    cpe:2.3:a:php:php:7.1.29
  • Php » Php » Version: 7.1.3
    cpe:2.3:a:php:php:7.1.3
  • Php » Php » Version: 7.1.4
    cpe:2.3:a:php:php:7.1.4
  • Php » Php » Version: 7.1.5
    cpe:2.3:a:php:php:7.1.5
  • Php » Php » Version: 7.1.6
    cpe:2.3:a:php:php:7.1.6
  • Php » Php » Version: 7.1.7
    cpe:2.3:a:php:php:7.1.7
  • Php » Php » Version: 7.1.8
    cpe:2.3:a:php:php:7.1.8
  • Php » Php » Version: 7.1.9
    cpe:2.3:a:php:php:7.1.9
  • Php » Php » Version: 7.2.0
    cpe:2.3:a:php:php:7.2.0
  • Php » Php » Version: 7.2.1
    cpe:2.3:a:php:php:7.2.1
  • Php » Php » Version: 7.2.10
    cpe:2.3:a:php:php:7.2.10
  • Php » Php » Version: 7.2.11
    cpe:2.3:a:php:php:7.2.11
  • Php » Php » Version: 7.2.12
    cpe:2.3:a:php:php:7.2.12
  • Php » Php » Version: 7.2.13
    cpe:2.3:a:php:php:7.2.13
  • Php » Php » Version: 7.2.14
    cpe:2.3:a:php:php:7.2.14
  • Php » Php » Version: 7.2.15
    cpe:2.3:a:php:php:7.2.15
  • Php » Php » Version: 7.2.16
    cpe:2.3:a:php:php:7.2.16
  • Php » Php » Version: 7.2.17
    cpe:2.3:a:php:php:7.2.17
  • Php » Php » Version: 7.2.18
    cpe:2.3:a:php:php:7.2.18
  • Php » Php » Version: 7.2.2
    cpe:2.3:a:php:php:7.2.2
  • Php » Php » Version: 7.2.3
    cpe:2.3:a:php:php:7.2.3
  • Php » Php » Version: 7.2.4
    cpe:2.3:a:php:php:7.2.4
  • Php » Php » Version: 7.2.5
    cpe:2.3:a:php:php:7.2.5
  • Php » Php » Version: 7.2.6
    cpe:2.3:a:php:php:7.2.6
  • Php » Php » Version: 7.2.7
    cpe:2.3:a:php:php:7.2.7
  • Php » Php » Version: 7.2.8
    cpe:2.3:a:php:php:7.2.8
  • Php » Php » Version: 7.2.9
    cpe:2.3:a:php:php:7.2.9
  • Php » Php » Version: 7.3.0
    cpe:2.3:a:php:php:7.3.0
  • Php » Php » Version: 7.3.1
    cpe:2.3:a:php:php:7.3.1
  • Php » Php » Version: 7.3.2
    cpe:2.3:a:php:php:7.3.2
  • Php » Php » Version: 7.3.3
    cpe:2.3:a:php:php:7.3.3
  • Php » Php » Version: 7.3.4
    cpe:2.3:a:php:php:7.3.4
  • Php » Php » Version: 7.3.5
    cpe:2.3:a:php:php:7.3.5
  • Redhat » Software Collections » Version: 1.0
    cpe:2.3:a:redhat:software_collections:1.0
  • Suse » Linux Enterprise Debuginfo » Version: 11
    cpe:2.3:a:suse:linux_enterprise_debuginfo:11
  • Canonical » Ubuntu Linux » Version: 14.04
    cpe:2.3:o:canonical:ubuntu_linux:14.04
  • Canonical » Ubuntu Linux » Version: 16.04
    cpe:2.3:o:canonical:ubuntu_linux:16.04
  • Canonical » Ubuntu Linux » Version: 18.04
    cpe:2.3:o:canonical:ubuntu_linux:18.04
  • Canonical » Ubuntu Linux » Version: 19.10
    cpe:2.3:o:canonical:ubuntu_linux:19.10
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian » Debian Linux » Version: 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Fedoraproject » Fedora » Version: 29
    cpe:2.3:o:fedoraproject:fedora:29
  • Fedoraproject » Fedora » Version: 30
    cpe:2.3:o:fedoraproject:fedora:30
  • Fedoraproject » Fedora » Version: 32
    cpe:2.3:o:fedoraproject:fedora:32
  • Opensuse » Leap » Version: 15.1
    cpe:2.3:o:opensuse:leap:15.1
  • Redhat » Enterprise Linux » Version: 7.0
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • Redhat » Enterprise Linux » Version: 8.0
    cpe:2.3:o:redhat:enterprise_linux:8.0
  • Suse » Linux Enterprise Desktop » Version: 12
    cpe:2.3:o:suse:linux_enterprise_desktop:12
  • Suse » Linux Enterprise Server » Version: 12
    cpe:2.3:o:suse:linux_enterprise_server:12
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:12
  • cpe:2.3:o:suse:linux_enterprise_workstation_extension:12


Products
Pricing
Contact Us

Shodan ® - All rights reserved