vulnerability
Oracle Linux: CVE-2019-9637: ELSA-2020-1624: php:7.2 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | Feb 18, 2019 | Jul 22, 2024 | Jan 7, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
Feb 18, 2019
Added
Jul 22, 2024
Modified
Jan 7, 2025
Description
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
Solution(s)
oracle-linux-upgrade-apcu-paneloracle-linux-upgrade-libziporacle-linux-upgrade-libzip-develoracle-linux-upgrade-libzip-toolsoracle-linux-upgrade-phporacle-linux-upgrade-php-bcmathoracle-linux-upgrade-php-clioracle-linux-upgrade-php-commonoracle-linux-upgrade-php-dbaoracle-linux-upgrade-php-dbgoracle-linux-upgrade-php-develoracle-linux-upgrade-php-embeddedoracle-linux-upgrade-php-enchantoracle-linux-upgrade-php-fpmoracle-linux-upgrade-php-gdoracle-linux-upgrade-php-gmporacle-linux-upgrade-php-intloracle-linux-upgrade-php-jsonoracle-linux-upgrade-php-ldaporacle-linux-upgrade-php-mbstringoracle-linux-upgrade-php-mysqlndoracle-linux-upgrade-php-odbcoracle-linux-upgrade-php-opcacheoracle-linux-upgrade-php-pdooracle-linux-upgrade-php-pearoracle-linux-upgrade-php-pecl-apcuoracle-linux-upgrade-php-pecl-apcu-develoracle-linux-upgrade-php-pecl-ziporacle-linux-upgrade-php-pgsqloracle-linux-upgrade-php-processoracle-linux-upgrade-php-recodeoracle-linux-upgrade-php-snmporacle-linux-upgrade-php-soaporacle-linux-upgrade-php-xmloracle-linux-upgrade-php-xmlrpc

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.