What is CVE-2019-6339?

CVE-2019-6339 is a vulnerability in Drupal Core. Published 2019-01-22.

Is CVE-2019-6339 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Drupal Core

CVE-2019-6339

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some…

EPSS: 0.761 (98.9th percentile) — read the EPSS interpretation.

Affected products

Drupal Core — versions 7.x, 8.6.x, 8.5.x

Public proof-of-concept exploits

Vulnmachines/drupal-cve-2019-6339
0x783kb/Security-operation-book
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
Awrrays/FrameVul
SexyBeast233/SecBooks
Threekiii/Awesome-Exploit
Threekiii/Awesome-POC
Threekiii/Vulhub-Reproduce
XiaomingX/awesome-poc-for-red-team

References

DSA-4370 (vendor-advisory, x_refsource_DEBIAN)
www.drupal.org/sa-core-2019-002 (x_refsource_CONFIRM)
[debian-lts-announce] 20190202 [SECURITY] [DLA 1659-1] drupal7 security update (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2019-6339?: CVE-2019-6339 is a vulnerability in Drupal Core. Published 2019-01-22.
Is CVE-2019-6339 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.