Php · Php · CVE-2019-9637
**Name of the Vulnerable Software and Affected Versions**
PHP versions prior to 7.1.27
PHP versions 7.2.x prior to 7.2.16
PHP versions 7.3.x prior to 7.3.3
**Description**
The issue is related to errors in key management in the PHP interpreter. It allows a remote attacker to gain unauthorized access to protected information. The problem arises from the implementation of the rename() function across filesystems, which can briefly make a file being renamed available with incorrect permissions, enabling unauthorized users to access the data.
**Recommendations**
For PHP versions prior to 7.1.27, update to version 7.1.27 or later.
For PHP versions 7.2.x prior to 7.2.16, update to version 7.2.16 or later.
For PHP versions 7.3.x prior to 7.3.3, update to version 7.3.3 or later.