In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: php
Published: 2019-10-22T00:00:00
Updated: 2021-07-22T17:07:18
Reserved: 2019-04-09T00:00:00
Link: CVE-2019-11043
JSON object: View
NVD Information
Status : Modified
Published: 2019-10-28T15:15:13.863
Modified: 2023-11-07T03:02:37.927
Link: CVE-2019-11043
JSON object: View
Redhat Information
No data.