CVE-2019-11043

⚠ KEVEPSS 94.1%

php7.3 - security update

Published: 10/26/2019Modified: 3/9/2026Added to CISA KEV: 3/25/2022

Description

In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.

Affected packages (3)

Debian/php5from 0, < 5.6.40+dfsg-0+deb8u7
Debian/php7.0from 0, < 7.0.33-0+deb9u6
Debian/php7.3from 0, < 7.3.11-1~deb10u1