View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2019-9641 severity moderate: SUSE including 971 source package names (apache2-mod_php5-5.2.14-111.46.1, apache2-mod_php5-5.5.14-109.51.6, …), 2004 product×package rows across 54 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (54 product lines)): Fixed 1553, Known Not Affected 451.
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.