Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-45w3-pvv7-3p8j

Опубликовано: 02 мая 2022
Источник: github
Github: Не прошло ревью

Описание

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

EPSS

Процентиль: 82%
0.01859
Низкий

Дефекты

CWE-20

Связанные уязвимости

ubuntu
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

redhat
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

nvd
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

debian
больше 15 лет назад

The safe_mode implementation in PHP before 5.2.13 does not properly ha ...

EPSS

Процентиль: 82%
0.01859
Низкий

Дефекты

CWE-20