{"api_version":"1","generated_at":"2026-04-22T23:30:48+00:00","cve":"CVE-2019-11048","urls":{"html":"https://cve.report/CVE-2019-11048","api":"https://cve.report/api/cve/CVE-2019-11048.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-11048","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-11048"},"summary":{"title":"CVE-2019-11048","description":"In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.","state":"PUBLIC","assigner":"security@php.net","published_at":"2020-05-20 08:15:00","updated_at":"2023-11-07 03:02:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/","name":"FEDORA-2020-8838d072d5","refsource":"","tags":[],"title":"[SECURITY] Fedora 31 Update: php-7.3.18-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2020/dsa-4719","name":"DSA-4719","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4719-1 php7.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/","name":"FEDORA-2020-8838d072d5","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 31 Update: php-7.3.18-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuoct2020.html","name":"https://www.oracle.com/security-alerts/cpuoct2020.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - October 2020","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.tenable.com/security/tns-2021-14","name":"https://www.tenable.com/security/tns-2021-14","refsource":"CONFIRM","tags":[],"title":"[R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/","name":"FEDORA-2020-9fa7f4e25c","refsource":"","tags":[],"title":"[SECURITY] Fedora 30 Update: php-7.3.18-1.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/4375-1/","name":"USN-4375-1","refsource":"UBUNTU","tags":[],"title":"USN-4375-1: PHP vulnerability | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/","name":"FEDORA-2020-9fa7f4e25c","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 30 Update: php-7.3.18-1.fc30 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.php.net/bug.php?id=78875","name":"https://bugs.php.net/bug.php?id=78875","refsource":"MISC","tags":["Exploit","Issue Tracking","Vendor Advisory"],"title":"PHP :: Sec Bug #78875 :: Long filenames cause OOM and temp files are not cleaned","mime":"text/x-python","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20200528-0006/","name":"https://security.netapp.com/advisory/ntap-20200528-0006/","refsource":"CONFIRM","tags":[],"title":"CVE-2019-11048 PHP Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.debian.org/security/2020/dsa-4717","name":"DSA-4717","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4717-1 php7.0","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2020/06/msg00033.html","name":"[debian-lts-announce] 20200629 [SECURITY] [DLA 2261-1] php5 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2261-1] php5 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.php.net/bug.php?id=78876","name":"https://bugs.php.net/bug.php?id=78876","refsource":"MISC","tags":["Exploit","Issue Tracking","Vendor Advisory"],"title":"PHP :: Sec Bug #78876 :: Long variables in multipart/form-data cause OOM and temp files are not cleaned","mime":"text/x-python","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html","name":"openSUSE-SU-2020:0847","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2020:0847-1: moderate: Security update f","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","name":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - April 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-11048","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11048","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"jr at coredu dot mp","lang":""}],"nvd_cpes":[{"cve_year":"2019","cve_id":"11048","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"11048","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"php","cpe5":"php","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-11048","qid":"296072","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 25.75.3 Missing (CPUJUL2020)"},{"cve":"CVE-2019-11048","qid":"501139","title":"Alpine Linux Security Update for php7"},{"cve":"CVE-2019-11048","qid":"752878","title":"SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)"},{"cve":"CVE-2019-11048","qid":"940250","title":"AlmaLinux Security Update for php:7.3 (ALSA-2020:3662)"},{"cve":"CVE-2019-11048","qid":"960421","title":"Rocky Linux Security Update for php:7.3 (RLSA-2020:3662)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@php.net","DATE_PUBLIC":"2020-05-11T21:22:00.000Z","ID":"CVE-2019-11048","STATE":"PUBLIC","TITLE":"Temporary files are not cleaned after OOM when parsing HTTP request data"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_affected":"<","version_name":"7.3.x","version_value":"7.3.18"},{"version_affected":"<","version_name":"7.4.x","version_value":"7.4.6"},{"version_affected":"<","version_name":"7.2.x","version_value":"7.2.31"}]}}]},"vendor_name":"PHP Group"}]}},"credit":[{"lang":"eng","value":"jr at coredu dot mp"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-400 Uncontrolled Resource Consumption"}]},{"description":[{"lang":"eng","value":"CWE-190 Integer Overflow or Wraparound"}]}]},"references":{"reference_data":[{"refsource":"FEDORA","name":"FEDORA-2020-8838d072d5","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/"},{"refsource":"FEDORA","name":"FEDORA-2020-9fa7f4e25c","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/"},{"refsource":"UBUNTU","name":"USN-4375-1","url":"https://usn.ubuntu.com/4375-1/"},{"refsource":"SUSE","name":"openSUSE-SU-2020:0847","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20200629 [SECURITY] [DLA 2261-1] php5 security update","url":"https://lists.debian.org/debian-lts-announce/2020/06/msg00033.html"},{"refsource":"DEBIAN","name":"DSA-4717","url":"https://www.debian.org/security/2020/dsa-4717"},{"refsource":"DEBIAN","name":"DSA-4719","url":"https://www.debian.org/security/2020/dsa-4719"},{"url":"https://www.oracle.com/security-alerts/cpuoct2020.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"refsource":"MISC","url":"https://bugs.php.net/bug.php?id=78875","name":"https://bugs.php.net/bug.php?id=78875"},{"refsource":"MISC","url":"https://bugs.php.net/bug.php?id=78876","name":"https://bugs.php.net/bug.php?id=78876"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20200528-0006/","url":"https://security.netapp.com/advisory/ntap-20200528-0006/"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"refsource":"CONFIRM","name":"https://www.tenable.com/security/tns-2021-14","url":"https://www.tenable.com/security/tns-2021-14"}]},"source":{"defect":["https://bugs.php.net/bug.php?id=78875"],"discovery":"EXTERNAL"},"work_around":[{"lang":"eng","value":"Setting post_max_size to value significantly lower than the memory limit prevents this issue from being exploited. Disabling file uploads also prevents this issue from happening. "}]},"nvd":{"publishedDate":"2020-05-20 08:15:00","lastModifiedDate":"2023-11-07 03:02:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.3.18","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.31","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"11048","Ordinal":"149329","Title":"CVE-2019-11048","CVE":"CVE-2019-11048","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"11048","Ordinal":"1","NoteData":"In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"11048","Ordinal":"2","NoteData":"2020-05-20","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"11048","Ordinal":"3","NoteData":"2021-07-22","Type":"Other","Title":"Modified"}]}}}