Kaiyi Dot Xu

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.37 PHP versions 7.0.x prior to 7.0.31 PHP versions 7.1.x prior to 7.1.20 PHP versions 7.2.x prior to 7.2.8 **Description** The issue is related to an Integer Overflow that leads to a heap-based buffer over-read in the `exif thumbnail extract` function of `exif.c`. This can potentially allow a remote attacker to cause a denial of service. **Recommendations** For PHP versions prior to 5.6.37, update to version 5.6.37 or later. For PHP versions 7.0.x prior to 7.0.31, update to version 7.0.31 or later. For PHP versions 7.1.x prior to 7.1.20, update to version 7.1.20 or later. For PHP versions 7.2.x prior to 7.2.8, update to version 7.2.8 or later.