CVELIST:CVE-2019-11048
May 11, 2020 - 12:00 a.m.

CVE-2019-11048 Temporary files are not cleaned after OOM when parsing HTTP request data

2020-05-11 00:00:00
CWE-190
CWE-400
php
www.cve.org

CVSS3: 5.3 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score: 6.3 Medium (Confidence: High)

EPSS: 0.012 Low (Percentile: 85.1%)

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead the PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request without cleaning up the temporary files created by the upload request. This could potentially lead to an accumulation of uncleaned temporary files that exhausts the disk space on the target server.

CNA Affected

[
  {
    "product": "PHP",
    "vendor": "PHP Group",
    "versions": [
      {
        "lessThan": "7.3.18",
        "status": "affected",
        "version": "7.3.x",
        "versionType": "custom"
      },
      {
        "lessThan": "7.4.6",
        "status": "affected",
        "version": "7.4.x",
        "versionType": "custom"
      },
      {
        "lessThan": "7.2.31",
        "status": "affected",
        "version": "7.2.x",
        "versionType": "custom"
      }
    ]
  }
]
