Debian Bug report logs -
#943764
php7.3: CVE-2019-11043
Package:
src:php7.3;
Maintainer for src:php7.3 is Debian PHP Maintainers <team+pkg-php@tracker.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 29 Oct 2019 14:21:02 UTC
Severity: grave
Tags: security, upstream
Found in version php7 ...
Debian Bug report logs -
#943468
php-fpm: CVE-2019-11043: Vulnerability in PHP-FPM Could Lead to Remote Code Execution on nginx
Package:
src:php7.3;
Maintainer for src:php7.3 is Debian PHP Maintainers <team+pkg-php@tracker.debian.org>;
Reported by: Tobias Frost <tobi@debian.org>
Date: Fri, 25 Oct 2019 07:24:02 UTC
Se ...
PHP could be made to run programs if it received specially crafted network
traffic ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which give ...
Synopsis
Critical: php:7.2 security update
Type/Severity
Security Advisory: Critical
Topic
An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which give ...
Synopsis
Critical: php:7.2 security update
Type/Severity
Security Advisory: Critical
Topic
An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vul ...
Synopsis
Critical: rh-php71-php security update
Type/Severity
Security Advisory: Critical
Topic
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Critical: rh-php70-php security update
Type/Severity
Security Advisory: Critical
Topic
An update for rh-php70-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
An update for php is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CV ...
Synopsis
Critical: rh-php72-php security update
Type/Severity
Security Advisory: Critical
Topic
An update for rh-php72-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Critical: php:7.3 security update
Type/Severity
Security Advisory: Critical
Topic
An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) bas ...
Emil Lerner and Andrew Danau discovered that insufficient validation
in the path handling code of PHP FPM could result in the execution of
arbitrary code in some setups.
For the oldstable distribution (stretch), this problem has been fixed
in version 7.0.33-0+deb9u6.
We recommend that you upgrade your php7.0 packages.
For the detailed security stat ...
Emil Lerner and Andrew Danau discovered that insufficient validation
in the path handling code of PHP FPM could result in the execution of
arbitrary code in some setups.
For the stable distribution (buster), this problem has been fixed in
version 7.3.11-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status ...
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution (CVE-2019-11043) ...
A buffer underflow issue has been found in the php-fpm component of php before 7.3.11, leading to remote code execution in certain nginx + php-fpm configurations ...
Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers.
Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of the ...