Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-11048

Опубликовано: 20 мая 2020
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 5
CVSS3: 5.3

Описание

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

5.5.9+dfsg-1ubuntu4.29+esm12
esm-infra/focal

DNE

focal

DNE

precise/esm

not-affected

5.3.10-1ubuntu3.47
trusty

ignored

end of standard support
trusty/esm

released

5.5.9+dfsg-1ubuntu4.29+esm12
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

esm-infra/xenial

not-affected

7.0.33-0ubuntu0.16.04.15
focal

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

7.2.24-0ubuntu0.18.04.6
devel

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

7.2.24-0ubuntu0.18.04.6
esm-infra/focal

DNE

focal

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

released

7.3.11-0ubuntu0.19.10.6
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.3.18

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

released

7.4.3-4ubuntu4
eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

7.4.3-4ubuntu2.2
focal

released

7.4.3-4ubuntu2.2
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.4.6

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%
0.21786
Средний

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-11048

CVSS3: 7.5
redhat
около 5 лет назад

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

nvd логотип

CVE-2019-11048

CVSS3: 5.3
nvd
около 5 лет назад

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

debian логотип

CVE-2019-11048

CVSS3: 5.3
debian
около 5 лет назад

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below ...

suse-cvrf логотип

openSUSE-SU-2020:0847-1

suse-cvrf
почти 5 лет назад

Security update for php7

suse-cvrf логотип

SUSE-SU-2020:1661-2

suse-cvrf
почти 5 лет назад

Security update for php7

EPSS

Процентиль: 95%
0.21786
Средний

5 Medium

CVSS2

5.3 Medium

CVSS3

Уязвимость CVE-2019-11048