An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
PHP
Information Disclosure
Debian Linux
Ubuntu Linux
Leap
+1
NVD
CVSS 3.1
9.8
EPSS
9.4%