Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9637

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 09 ΠΌΠ°Ρ€. 2019
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

ОписаниС

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

released

5.5.9+dfsg-1ubuntu4.29
precise/esm

not-affected

5.3.10-1ubuntu3.34
trusty

released

5.5.9+dfsg-1ubuntu4.29
trusty/esm

released

5.5.9+dfsg-1ubuntu4.29
upstream

needs-triage

xenial

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra-legacy/xenial

released

7.0.33-0ubuntu0.16.04.3
esm-infra/xenial

released

7.0.33-0ubuntu0.16.04.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

7.2.15-0ubuntu0.18.04.2
cosmic

released

7.2.15-0ubuntu0.18.10.2
devel

released

7.2.15-0ubuntu3
disco

released

7.2.15-0ubuntu3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

7.2.15-0ubuntu0.18.04.2
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.2.16

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

cosmic

DNE

devel

not-affected

7.3.4-2
disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.3.3
xenial

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 93%
0.07151
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9637

CVSS3: 7.5
redhat
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9637

CVSS3: 7.5
nvd
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9637

CVSS3: 7.5
debian
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-hq76-774r-jcwj

CVSS3: 7.5
github
ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2020-01570

CVSS3: 7.5
fstec
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΈΠ½Ρ‚Π΅Ρ€ΠΏΡ€Π΅Ρ‚Π°Ρ‚ΠΎΡ€Π° PHP, связанная с ошибками ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ΠΌ ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ ΠΏΠΎΠ»ΡƒΡ‡ΠΈΡ‚ΡŒ нСсанкционированный доступ ΠΊ Π·Π°Ρ‰ΠΈΡ‰Π°Π΅ΠΌΠΎΠΉ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΠΈ

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 93%
0.07151
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2019-9637