Description
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ajax BootModal Login Security Bypass (1.4.3)
Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634)
WordPress Plugin Contact Form 7 Cross-Site Scripting (4.0.1)
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
WordPress Plugin Developer Formatter Cross-Site Request Forgery (2012.0.1.39)