一、漏洞信息
漏洞编号:CVE-2020-7062
漏洞归属组件:php
漏洞归属的版本:7.2.10
CVSS V3.0分值:
BaseScore:7.5 High
Vector:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞简述:
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.
漏洞公开时间:
漏洞创建时间:2021-03-05 09:01:58
漏洞详情参考链接:
https://nvd.nist.gov/vuln/detail/CVE-2020-7062
漏洞分析指导链接:
https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md
二、漏洞分析结构反馈
影响性分析说明:
在低于7.2.28的PHP版本7.2.x,低于7.3.15的7.3.x和低于7.4.3的7.4.x中,使用文件上载功能时,如果启用了上载进度跟踪,但是session.upload_progress.cleanup设置为0(关闭),文件上传失败,上传过程会尝试清理不存在的数据。并且,如果遇到空指针解引用,可能导致crash。
openEuler评分:
7.5
Vector:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS:受影响
2.openEuler-20.09:受影响
3.openEuler-20.03-LTS-Next:受影响
4.openEuler-20.03-LTS-SP1:受影响
5.mainline:不受影响