|Description||In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
|References||DLA-2160-1, DSA-4717-1, DSA-4719-1|
Vulnerable and fixed packages
The table below lists information on source packages.
The information below is based on the following data on fixed versions.
Fixed in PHP 7.4.3, 7.3.15, 7.2.28
PHP Bug: https://bugs.php.net/79221