Vulnerability-Lookup

CVE-2019-11043 (GCVE-0-2019-11043)

Vulnerability from cvelistv5 – Published: 2019-10-28 14:19 – Updated: 2025-10-21 23:45

Title

Underflow in PHP-FPM can lead to RCE

Summary

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

Severity ?

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE

CWE-120 - Buffer Overflow

Assigner

php

References

URL

Tags

	https://github.com/neex/phuip-fpizdam	x_refsource_MISC
	https://bugs.php.net/bug.php?id=78599	x_refsource_CONFIRM
	https://usn.ubuntu.com/4166-1/	vendor-advisoryx_refsource_UBUNTU
	https://www.debian.org/security/2019/dsa-4552	vendor-advisoryx_refsource_DEBIAN
	https://www.debian.org/security/2019/dsa-4553	vendor-advisoryx_refsource_DEBIAN
	https://usn.ubuntu.com/4166-2/	vendor-advisoryx_refsource_UBUNTU
	https://support.f5.com/csp/article/K75408500?utm_…	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://security.netapp.com/advisory/ntap-2019103…	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:3286	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:3287	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:3299	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:3300	vendor-advisoryx_refsource_REDHAT
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2019:3724	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:3735	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:3736	vendor-advisoryx_refsource_REDHAT
	https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://support.apple.com/kb/HT210919	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2020/Jan/44	mailing-listx_refsource_BUGTRAQ
	http://seclists.org/fulldisclosure/2020/Jan/40	mailing-listx_refsource_FULLDISC
	https://access.redhat.com/errata/RHSA-2020:0322	vendor-advisoryx_refsource_REDHAT
	http://packetstormsecurity.com/files/156642/PHP-F…	x_refsource_MISC
	https://www.tenable.com/security/tns-2021-14	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	PHP	PHP	Affected: 7.1.x , < 7.1.33 (custom) Affected: 7.2.x , < 7.2.24 (custom) Affected: 7.3.x , < 7.3.11 (custom)

Credits

Reported by Emil Lerner.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:16.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/neex/phuip-fpizdam"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=78599"
          },
          {
            "name": "USN-4166-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4166-1/"
          },
          {
            "name": "DSA-4552",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4552"
          },
          {
            "name": "DSA-4553",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4553"
          },
          {
            "name": "USN-4166-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4166-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "name": "FEDORA-2019-4adc49a476",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
          },
          {
            "name": "RHSA-2019:3286",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3286"
          },
          {
            "name": "RHSA-2019:3287",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3287"
          },
          {
            "name": "RHSA-2019:3299",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3299"
          },
          {
            "name": "RHSA-2019:3300",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3300"
          },
          {
            "name": "FEDORA-2019-187ae3128d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
          },
          {
            "name": "FEDORA-2019-7bb07c3b02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
          },
          {
            "name": "openSUSE-SU-2019:2441",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
          },
          {
            "name": "RHSA-2019:3724",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3724"
          },
          {
            "name": "RHSA-2019:3735",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3735"
          },
          {
            "name": "RHSA-2019:3736",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3736"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
          },
          {
            "name": "openSUSE-SU-2019:2457",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210919"
          },
          {
            "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Jan/44"
          },
          {
            "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
          },
          {
            "name": "RHSA-2020:0322",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0322"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-11043",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T13:08:21.298475Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:28.408Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-25T00:00:00.000Z",
            "value": "CVE-2019-11043 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PHP",
          "vendor": "PHP",
          "versions": [
            {
              "lessThan": "7.1.33",
              "status": "affected",
              "version": "7.1.x",
              "versionType": "custom"
            },
            {
              "lessThan": "7.2.24",
              "status": "affected",
              "version": "7.2.x",
              "versionType": "custom"
            },
            {
              "lessThan": "7.3.11",
              "status": "affected",
              "version": "7.3.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported by Emil Lerner."
        }
      ],
      "datePublic": "2019-10-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Exploit described at https://github.com/neex/phuip-fpizdam"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T17:07:18.000Z",
        "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
        "shortName": "php"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/neex/phuip-fpizdam"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=78599"
        },
        {
          "name": "USN-4166-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4166-1/"
        },
        {
          "name": "DSA-4552",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4552"
        },
        {
          "name": "DSA-4553",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4553"
        },
        {
          "name": "USN-4166-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4166-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "name": "FEDORA-2019-4adc49a476",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
        },
        {
          "name": "RHSA-2019:3286",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3286"
        },
        {
          "name": "RHSA-2019:3287",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3287"
        },
        {
          "name": "RHSA-2019:3299",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3299"
        },
        {
          "name": "RHSA-2019:3300",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3300"
        },
        {
          "name": "FEDORA-2019-187ae3128d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
        },
        {
          "name": "FEDORA-2019-7bb07c3b02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
        },
        {
          "name": "openSUSE-SU-2019:2441",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
        },
        {
          "name": "RHSA-2019:3724",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3724"
        },
        {
          "name": "RHSA-2019:3735",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3735"
        },
        {
          "name": "RHSA-2019:3736",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3736"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
        },
        {
          "name": "openSUSE-SU-2019:2457",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210919"
        },
        {
          "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Jan/44"
        },
        {
          "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
        },
        {
          "name": "RHSA-2020:0322",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0322"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2021-14"
        }
      ],
      "source": {
        "defect": [
          "https://bugs.php.net/bug.php?id=78599"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Underflow in PHP-FPM can lead to RCE",
      "workarounds": [
        {
          "lang": "en",
          "value": "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@php.net",
          "DATE_PUBLIC": "2019-10-22T03:18:00.000Z",
          "ID": "CVE-2019-11043",
          "STATE": "PUBLIC",
          "TITLE": "Underflow in PHP-FPM can lead to RCE"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PHP",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1.x",
                            "version_value": "7.1.33"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.2.x",
                            "version_value": "7.2.24"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.3.x",
                            "version_value": "7.3.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PHP"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Reported by Emil Lerner."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Exploit described at https://github.com/neex/phuip-fpizdam"
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.8"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/neex/phuip-fpizdam",
              "refsource": "MISC",
              "url": "https://github.com/neex/phuip-fpizdam"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=78599",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=78599"
            },
            {
              "name": "USN-4166-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4166-1/"
            },
            {
              "name": "DSA-4552",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4552"
            },
            {
              "name": "DSA-4553",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4553"
            },
            {
              "name": "USN-4166-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4166-2/"
            },
            {
              "name": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "FEDORA-2019-4adc49a476",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20191031-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
            },
            {
              "name": "RHSA-2019:3286",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3286"
            },
            {
              "name": "RHSA-2019:3287",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3287"
            },
            {
              "name": "RHSA-2019:3299",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3299"
            },
            {
              "name": "RHSA-2019:3300",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3300"
            },
            {
              "name": "FEDORA-2019-187ae3128d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
            },
            {
              "name": "FEDORA-2019-7bb07c3b02",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
            },
            {
              "name": "openSUSE-SU-2019:2441",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
            },
            {
              "name": "RHSA-2019:3724",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3724"
            },
            {
              "name": "RHSA-2019:3735",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3735"
            },
            {
              "name": "RHSA-2019:3736",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3736"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_36",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
            },
            {
              "name": "openSUSE-SU-2019:2457",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
            },
            {
              "name": "https://support.apple.com/kb/HT210919",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210919"
            },
            {
              "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Jan/44"
            },
            {
              "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
            },
            {
              "name": "RHSA-2020:0322",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0322"
            },
            {
              "name": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2021-14",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2021-14"
            }
          ]
        },
        "source": {
          "defect": [
            "https://bugs.php.net/bug.php?id=78599"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
    "assignerShortName": "php",
    "cveId": "CVE-2019-11043",
    "datePublished": "2019-10-28T14:19:04.252Z",
    "dateReserved": "2019-04-09T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:28.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2019-11043",
      "cwes": "[\"CWE-120\"]",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-11043",
      "product": "FastCGI Process Manager (FPM)",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.",
      "vendorProject": "PHP",
      "vulnerabilityName": "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/neex/phuip-fpizdam\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://bugs.php.net/bug.php?id=78599\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4166-1/\", \"name\": \"USN-4166-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4552\", \"name\": \"DSA-4552\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4553\", \"name\": \"DSA-4553\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4166-2/\", \"name\": \"USN-4166-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/\", \"name\": \"FEDORA-2019-4adc49a476\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20191031-0003/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3286\", \"name\": \"RHSA-2019:3286\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3287\", \"name\": \"RHSA-2019:3287\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3299\", \"name\": \"RHSA-2019:3299\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3300\", \"name\": \"RHSA-2019:3300\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/\", \"name\": \"FEDORA-2019-187ae3128d\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/\", \"name\": \"FEDORA-2019-7bb07c3b02\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html\", \"name\": \"openSUSE-SU-2019:2441\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3724\", \"name\": \"RHSA-2019:3724\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3735\", \"name\": \"RHSA-2019:3735\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3736\", \"name\": \"RHSA-2019:3736\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_36\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html\", \"name\": \"openSUSE-SU-2019:2457\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210919\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/44\", \"name\": \"20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2020/Jan/40\", \"name\": \"20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0322\", \"name\": \"RHSA-2020:0322\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-14\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T22:40:16.064Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-11043\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T13:08:21.298475Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-25T00:00:00.000Z\", \"value\": \"CVE-2019-11043 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T13:08:23.969Z\"}}], \"cna\": {\"title\": \"Underflow in PHP-FPM can lead to RCE\", \"source\": {\"defect\": [\"https://bugs.php.net/bug.php?id=78599\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Reported by Emil Lerner.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"PHP\", \"product\": \"PHP\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1.x\", \"lessThan\": \"7.1.33\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.2.x\", \"lessThan\": \"7.2.24\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.3.x\", \"lessThan\": \"7.3.11\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Exploit described at https://github.com/neex/phuip-fpizdam\"}], \"datePublic\": \"2019-10-22T00:00:00.000Z\", \"references\": [{\"url\": \"https://github.com/neex/phuip-fpizdam\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://bugs.php.net/bug.php?id=78599\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/4166-1/\", \"name\": \"USN-4166-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4552\", \"name\": \"DSA-4552\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4553\", \"name\": \"DSA-4553\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://usn.ubuntu.com/4166-2/\", \"name\": \"USN-4166-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/\", \"name\": \"FEDORA-2019-4adc49a476\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20191031-0003/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3286\", \"name\": \"RHSA-2019:3286\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3287\", \"name\": \"RHSA-2019:3287\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3299\", \"name\": \"RHSA-2019:3299\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3300\", \"name\": \"RHSA-2019:3300\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/\", \"name\": \"FEDORA-2019-187ae3128d\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/\", \"name\": \"FEDORA-2019-7bb07c3b02\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html\", \"name\": \"openSUSE-SU-2019:2441\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3724\", \"name\": \"RHSA-2019:3724\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3735\", \"name\": \"RHSA-2019:3735\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3736\", \"name\": \"RHSA-2019:3736\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_36\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html\", \"name\": \"openSUSE-SU-2019:2457\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://support.apple.com/kb/HT210919\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/44\", \"name\": \"20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2020/Jan/40\", \"name\": \"20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0322\", \"name\": \"RHSA-2020:0322\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-14\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \\\"try_files $uri =404\\\" or \\\"if (-f $uri)\\\" in nginx) for would prevent this vulnerability from happening.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.8\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"shortName\": \"php\", \"dateUpdated\": \"2021-07-22T17:07:18.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Reported by Emil Lerner.\"}], \"impact\": {\"cvss\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"defect\": [\"https://bugs.php.net/bug.php?id=78599\"], \"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"7.1.x\", \"version_value\": \"7.1.33\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"7.2.x\", \"version_value\": \"7.2.24\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"7.3.x\", \"version_value\": \"7.3.11\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"PHP\"}]}, \"vendor_name\": \"PHP\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"Exploit described at https://github.com/neex/phuip-fpizdam\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.8\"}, \"references\": {\"reference_data\": [{\"url\": \"https://github.com/neex/phuip-fpizdam\", \"name\": \"https://github.com/neex/phuip-fpizdam\", \"refsource\": \"MISC\"}, {\"url\": \"https://bugs.php.net/bug.php?id=78599\", \"name\": \"https://bugs.php.net/bug.php?id=78599\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/4166-1/\", \"name\": \"USN-4166-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4552\", \"name\": \"DSA-4552\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4553\", \"name\": \"DSA-4553\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://usn.ubuntu.com/4166-2/\", \"name\": \"USN-4166-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS\", \"name\": \"https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/\", \"name\": \"FEDORA-2019-4adc49a476\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20191031-0003/\", \"name\": \"https://security.netapp.com/advisory/ntap-20191031-0003/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3286\", \"name\": \"RHSA-2019:3286\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3287\", \"name\": \"RHSA-2019:3287\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3299\", \"name\": \"RHSA-2019:3299\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3300\", \"name\": \"RHSA-2019:3300\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/\", \"name\": \"FEDORA-2019-187ae3128d\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/\", \"name\": \"FEDORA-2019-7bb07c3b02\", \"refsource\": \"FEDORA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html\", \"name\": \"openSUSE-SU-2019:2441\", \"refsource\": \"SUSE\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3724\", \"name\": \"RHSA-2019:3724\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3735\", \"name\": \"RHSA-2019:3735\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3736\", \"name\": \"RHSA-2019:3736\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_36\", \"name\": \"https://www.synology.com/security/advisory/Synology_SA_19_36\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html\", \"name\": \"openSUSE-SU-2019:2457\", \"refsource\": \"SUSE\"}, {\"url\": \"https://support.apple.com/kb/HT210919\", \"name\": \"https://support.apple.com/kb/HT210919\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/44\", \"name\": \"20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://seclists.org/fulldisclosure/2020/Jan/40\", \"name\": \"20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra\", \"refsource\": \"FULLDISC\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0322\", \"name\": \"RHSA-2020:0322\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.tenable.com/security/tns-2021-14\", \"name\": \"https://www.tenable.com/security/tns-2021-14\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-120 Buffer Overflow\"}]}]}, \"work_around\": [{\"lang\": \"en\", \"value\": \"Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \\\"try_files $uri =404\\\" or \\\"if (-f $uri)\\\" in nginx) for would prevent this vulnerability from happening.\"}], \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-11043\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Underflow in PHP-FPM can lead to RCE\", \"ASSIGNER\": \"security@php.net\", \"DATE_PUBLIC\": \"2019-10-22T03:18:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-11043\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:28.408Z\", \"dateReserved\": \"2019-04-09T00:00:00.000Z\", \"assignerOrgId\": \"dd77f84a-d19a-4638-8c3d-a322d820ed2b\", \"datePublished\": \"2019-10-28T14:19:04.252Z\", \"assignerShortName\": \"php\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-6QJM-M8FP-J2MM

Vulnerability from github – Published: 2022-05-24 16:59 – Updated: 2025-10-22 00:31

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11043"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-28T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.",
  "id": "GHSA-6qjm-m8fp-j2mm",
  "modified": "2025-10-22T00:31:49Z",
  "published": "2022-05-24T16:59:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11043"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2021-14"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4553"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4552"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4166-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4166-1"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT210919"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191031-0003"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2020/Jan/44"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU"
    },
    {
      "type": "WEB",
      "url": "https://github.com/neex/phuip-fpizdam"
    },
    {
      "type": "WEB",
      "url": "https://bugs.php.net/bug.php?id=78599"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0322"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3736"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3735"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3724"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3300"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3299"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3287"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3286"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-AVI-577

Vulnerability from certfr_avis - Published: 2022-06-22 - Updated: 2022-06-22

Une vulnérabilité a été découverte dans les produits QNAP. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

QNAP QTS versions 5.0.x antérieures à 5.0.1.2034 build 20220515
QNAP QuTS hero versions h5.0.x antérieures à h5.0.0.2069 build 20220614

L'éditeur ne propose pas de correctif pour les versions suivantes :

QNAP QTS versions 4.5.x et supérieures
QNAP QuTS hero h4.5.x et supérieures
QNAP QuTScloud c5.0.x et supérieures

Il recommande de mettre à jour les systèmes listés précédemment à la dernière version afin de pouvoir installer les correctifs de sécurité disponibles.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité QNAP qsa-22-20 du 22 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eQNAP QTS versions 5.0.x ant\u00e9rieures \u00e0 5.0.1.2034 build 20220515\u003c/li\u003e \u003cli\u003eQNAP QuTS hero versions h5.0.x ant\u00e9rieures \u00e0 h5.0.0.2069 build 20220614\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour les versions suivantes :\u003c/p\u003e \u003cul\u003e \u003cli\u003eQNAP QTS versions 4.5.x et sup\u00e9rieures\u003c/li\u003e \u003cli\u003eQNAP QuTS hero h4.5.x et sup\u00e9rieures\u003c/li\u003e \u003cli\u003eQNAP QuTScloud c5.0.x et sup\u00e9rieures\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eIl recommande de mettre \u00e0 jour les syst\u00e8mes list\u00e9s pr\u00e9c\u00e9demment \u00e0 la derni\u00e8re version afin de pouvoir installer les correctifs de s\u00e9curit\u00e9 disponibles.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    }
  ],
  "initial_release_date": "2022-06-22T00:00:00",
  "last_revision_date": "2022-06-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-577",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits QNAP. Elle permet \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits QNAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 QNAP qsa-22-20 du 22 juin 2022",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-20"
    }
  ]
}

CERTFR-2021-AVI-571

Vulnerability from certfr_avis - Published: 2021-07-23 - Updated: 2021-07-23

De multiples vulnérabilités ont été découvertes dans Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	N/A	Tenable.sc versions antérieures à 5.19.0

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2021-14 du 22 juillet 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.19.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-14042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
    },
    {
      "name": "CVE-2020-7060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7060"
    },
    {
      "name": "CVE-2019-11048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11048"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2018-14040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2019-11041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11041"
    },
    {
      "name": "CVE-2020-7071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7071"
    },
    {
      "name": "CVE-2019-11045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11045"
    },
    {
      "name": "CVE-2021-21704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21704"
    },
    {
      "name": "CVE-2020-7070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7070"
    },
    {
      "name": "CVE-2020-7069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7069"
    },
    {
      "name": "CVE-2019-11046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11046"
    },
    {
      "name": "CVE-2020-7063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7063"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2018-20676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
    },
    {
      "name": "CVE-2021-21705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21705"
    },
    {
      "name": "CVE-2019-19919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
    },
    {
      "name": "CVE-2021-23358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2020-7068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7068"
    },
    {
      "name": "CVE-2018-20677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
    },
    {
      "name": "CVE-2019-11044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11044"
    },
    {
      "name": "CVE-2020-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7064"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2017-5661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5661"
    },
    {
      "name": "CVE-2019-11047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11047"
    },
    {
      "name": "CVE-2020-7067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
    },
    {
      "name": "CVE-2020-7062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7062"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    },
    {
      "name": "CVE-2020-7065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7065"
    },
    {
      "name": "CVE-2019-11050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11050"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2020-7066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7066"
    },
    {
      "name": "CVE-2016-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2020-7061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7061"
    },
    {
      "name": "CVE-2020-7059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7059"
    },
    {
      "name": "CVE-2019-11042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11042"
    },
    {
      "name": "CVE-2019-11049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11049"
    },
    {
      "name": "CVE-2021-21702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21702"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    }
  ],
  "initial_release_date": "2021-07-23T00:00:00",
  "last_revision_date": "2021-07-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-571",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2021-14 du 22 juillet 2021",
      "url": "https://www.tenable.com/security/tns-2021-14"
    }
  ]
}

CERTFR-2019-AVI-534

Vulnerability from certfr_avis - Published: 2019-10-24 - Updated: 2019-10-25

De multiples vulnérabilités ont été découvertes dans PHP. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
PHP	PHP	PHP versions 7.3.x antérieures à 7.3.11
PHP	PHP	PHP versions 7.1.x antérieures à 7.1.33
PHP	PHP	PHP versions 7.2.x antérieures à 7.2.24

References

Title

Publication Time

Tags

Bulletin de sécurité PHP 7.1.33 du 24 octobre 2019	None	vendor-advisory
Bulletin de sécurité PHP 7.2.24 du 24 octobre 2019	None	vendor-advisory
Bulletin de sécurité PHP 7.3.11 du 24 octobre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PHP versions 7.3.x ant\u00e9rieures \u00e0 7.3.11",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.1.x ant\u00e9rieures \u00e0 7.1.33",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.2.x ant\u00e9rieures \u00e0 7.2.24",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    }
  ],
  "initial_release_date": "2019-10-24T00:00:00",
  "last_revision_date": "2019-10-25T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-534",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-10-24T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de s\u00e9curit\u00e9 PHP 7.1.33 du 24 octobre 2019",
      "revision_date": "2019-10-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PHP. Elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur et une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.1.33 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.1.33"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.2.24 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.2.24"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.3.11 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.3.11"
    }
  ]
}

CERTFR-2020-AVI-063

Vulnerability from certfr_avis - Published: 2020-01-29 - Updated: 2020-01-30

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	macOS	macOS Catalina versions antérieures à 10.15.3
Apple	macOS	macOS Mojave sans le correctif de sécurité 2020-001
Apple	N/A	iCloud pour Windows versions 10.x antérieures à 10.9.2
Apple	N/A	iOS versions antérieures à 13.3.1
Apple	N/A	watchOS versions antérieures à6.1.2
Apple	N/A	iCloud pour Windows versions antérieures à 7.17
Apple	Safari	Safari versions antérieures à 13.0.5
Apple	N/A	iPadOS versions antérieures à 13.3.1
Apple	N/A	tvOS versions antérieures à13.3.1
Apple	macOS	macOS High Sierra sans le correctif de sécurité 2020-001
Apple	N/A	iTunes versions antérieures à 12.10.4

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT210918 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210948 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210923 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210922 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210921 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210947 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210920 du 28 janvier 2020	None	vendor-advisory
Bulletin de sécurité Apple HT210919 du 28 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "macOS Catalina versions ant\u00e9rieures \u00e0 10.15.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Mojave sans le correctif de s\u00e9curit\u00e9 2020-001",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions 10.x ant\u00e9rieures \u00e0 10.9.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 13.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e06.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 13.0.5",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 13.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e013.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS High Sierra sans le correctif de s\u00e9curit\u00e9 2020-001",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iTunes versions ant\u00e9rieures \u00e0 12.10.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-3859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3859"
    },
    {
      "name": "CVE-2020-3878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3878"
    },
    {
      "name": "CVE-2020-3860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3860"
    },
    {
      "name": "CVE-2020-3838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3838"
    },
    {
      "name": "CVE-2020-3873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3873"
    },
    {
      "name": "CVE-2020-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3855"
    },
    {
      "name": "CVE-2019-18634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18634"
    },
    {
      "name": "CVE-2020-3869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3869"
    },
    {
      "name": "CVE-2020-3843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3843"
    },
    {
      "name": "CVE-2020-3862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3862"
    },
    {
      "name": "CVE-2020-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3865"
    },
    {
      "name": "CVE-2020-3853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3853"
    },
    {
      "name": "CVE-2020-3857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3857"
    },
    {
      "name": "CVE-2020-3858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3858"
    },
    {
      "name": "CVE-2020-3849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3849"
    },
    {
      "name": "CVE-2020-3845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3845"
    },
    {
      "name": "CVE-2020-3870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3870"
    },
    {
      "name": "CVE-2020-3837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3837"
    },
    {
      "name": "CVE-2020-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3834"
    },
    {
      "name": "CVE-2020-3831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3831"
    },
    {
      "name": "CVE-2020-3830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3830"
    },
    {
      "name": "CVE-2020-3835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3835"
    },
    {
      "name": "CVE-2020-3848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3848"
    },
    {
      "name": "CVE-2020-3841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3841"
    },
    {
      "name": "CVE-2020-3872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3872"
    },
    {
      "name": "CVE-2020-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3826"
    },
    {
      "name": "CVE-2020-3867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3867"
    },
    {
      "name": "CVE-2020-3828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3828"
    },
    {
      "name": "CVE-2020-3850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3850"
    },
    {
      "name": "CVE-2020-3839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3839"
    },
    {
      "name": "CVE-2020-3842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3842"
    },
    {
      "name": "CVE-2020-3827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3827"
    },
    {
      "name": "CVE-2020-3874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3874"
    },
    {
      "name": "CVE-2020-3854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3854"
    },
    {
      "name": "CVE-2020-3871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3871"
    },
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    },
    {
      "name": "CVE-2020-3833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3833"
    },
    {
      "name": "CVE-2020-3844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3844"
    },
    {
      "name": "CVE-2020-3877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3877"
    },
    {
      "name": "CVE-2020-3868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3868"
    },
    {
      "name": "CVE-2020-3856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3856"
    },
    {
      "name": "CVE-2020-3846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3846"
    },
    {
      "name": "CVE-2020-3861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3861"
    },
    {
      "name": "CVE-2020-3825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3825"
    },
    {
      "name": "CVE-2020-3840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3840"
    },
    {
      "name": "CVE-2020-3829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3829"
    },
    {
      "name": "CVE-2020-3836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3836"
    },
    {
      "name": "CVE-2020-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3875"
    },
    {
      "name": "CVE-2020-3847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3847"
    },
    {
      "name": "CVE-2020-3866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-3866"
    }
  ],
  "initial_release_date": "2020-01-29T00:00:00",
  "last_revision_date": "2020-01-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-063",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-29T00:00:00.000000"
    },
    {
      "description": "Ajout des avis HT210947 et HT210948 du 28 janvier 2020",
      "revision_date": "2020-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210918 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210918"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210948 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210948"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210923 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210923"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210922 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210922"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210921 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210921"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210947 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210947"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210920 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210920"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT210919 du 28 janvier 2020",
      "url": "https://support.apple.com/en-us/HT210919"
    }
  ]
}

CNVD-2019-36855

Vulnerability from cnvd - Published: 2019-10-23

Title

PHP远程代码执行漏洞（CNVD-2019-36855）

Description

PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。 PHP存在远程代码执行漏洞。攻击者通过精心的构造和利用，可以导致远程代码执行。

Severity

高

Patch Name

PHP远程代码执行漏洞（CNVD-2019-36855）的补丁

Patch Description

PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。 PHP存在远程代码执行漏洞。攻击者通过精心的构造和利用，可以导致远程代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://bugs.php.net/bug.php?id=78599

Reference

https://bugs.php.net/bug.php?id=78599 https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/ https://github.com/neex/phuip-fpizdam

Impacted products

Name
PHP PHP

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11043"
    }
  },
  "description": "PHP\uff08PHP\uff1aHypertext Preprocessor\uff0cPHP\uff1a\u8d85\u6587\u672c\u9884\u5904\u7406\u5668\uff09\u662fPHP Group\u548c\u5f00\u653e\u6e90\u4ee3\u7801\u793e\u533a\u5171\u540c\u7ef4\u62a4\u7684\u4e00\u79cd\u5f00\u6e90\u7684\u901a\u7528\u8ba1\u7b97\u673a\u811a\u672c\u8bed\u8a00\u3002 \n\nPHP\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7684\u6784\u9020\u548c\u5229\u7528\uff0c\u53ef\u4ee5\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
  "discovererName": "Andrew Danau",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://bugs.php.net/bug.php?id=78599",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-36855",
  "openTime": "2019-10-23",
  "patchDescription": "PHP\uff08PHP\uff1aHypertext Preprocessor\uff0cPHP\uff1a\u8d85\u6587\u672c\u9884\u5904\u7406\u5668\uff09\u662fPHP Group\u548c\u5f00\u653e\u6e90\u4ee3\u7801\u793e\u533a\u5171\u540c\u7ef4\u62a4\u7684\u4e00\u79cd\u5f00\u6e90\u7684\u901a\u7528\u8ba1\u7b97\u673a\u811a\u672c\u8bed\u8a00\u3002 \r\n\r\nPHP\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7684\u6784\u9020\u548c\u5229\u7528\uff0c\u53ef\u4ee5\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "PHP\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2019-36855\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "PHP PHP"
  },
  "referenceLink": "https://bugs.php.net/bug.php?id=78599\r\nhttps://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/\r\nhttps://github.com/neex/phuip-fpizdam",
  "serverity": "\u9ad8",
  "submitTime": "2019-10-23",
  "title": "PHP\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2019-36855\uff09"
}

GSD-2019-11043

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2019-11043

Aliases

CVE-2019-11043

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11043",
    "description": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.",
    "id": "GSD-2019-11043",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-11043.html",
      "https://www.debian.org/security/2019/dsa-4552",
      "https://www.debian.org/security/2019/dsa-4553",
      "https://access.redhat.com/errata/RHSA-2020:2835",
      "https://access.redhat.com/errata/RHSA-2020:0322",
      "https://access.redhat.com/errata/RHSA-2019:3736",
      "https://access.redhat.com/errata/RHSA-2019:3735",
      "https://access.redhat.com/errata/RHSA-2019:3724",
      "https://access.redhat.com/errata/RHSA-2019:3300",
      "https://access.redhat.com/errata/RHSA-2019:3299",
      "https://access.redhat.com/errata/RHSA-2019:3287",
      "https://access.redhat.com/errata/RHSA-2019:3286",
      "https://ubuntu.com/security/CVE-2019-11043",
      "https://advisories.mageia.org/CVE-2019-11043.html",
      "https://security.archlinux.org/CVE-2019-11043",
      "https://alas.aws.amazon.com/cve/html/CVE-2019-11043.html",
      "https://linux.oracle.com/cve/CVE-2019-11043.html",
      "https://packetstormsecurity.com/files/cve/CVE-2019-11043"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11043"
      ],
      "details": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.",
      "id": "GSD-2019-11043",
      "modified": "2023-12-13T01:24:02.024494Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2019-11043",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "product": "FastCGI Process Manager (FPM)",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.",
      "vendorProject": "PHP",
      "vulnerabilityName": "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@php.net",
        "DATE_PUBLIC": "2019-10-22T03:18:00.000Z",
        "ID": "CVE-2019-11043",
        "STATE": "PUBLIC",
        "TITLE": "Underflow in PHP-FPM can lead to RCE"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PHP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "7.1.x",
                          "version_value": "7.1.33"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "7.2.x",
                          "version_value": "7.2.24"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "7.3.x",
                          "version_value": "7.3.11"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "PHP"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Reported by Emil Lerner. "
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Exploit described at https://github.com/neex/phuip-fpizdam"
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-120 Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/neex/phuip-fpizdam",
            "refsource": "MISC",
            "url": "https://github.com/neex/phuip-fpizdam"
          },
          {
            "name": "https://bugs.php.net/bug.php?id=78599",
            "refsource": "CONFIRM",
            "url": "https://bugs.php.net/bug.php?id=78599"
          },
          {
            "name": "USN-4166-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/4166-1/"
          },
          {
            "name": "DSA-4552",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2019/dsa-4552"
          },
          {
            "name": "DSA-4553",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2019/dsa-4553"
          },
          {
            "name": "USN-4166-2",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/4166-2/"
          },
          {
            "name": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS"
          },
          {
            "name": "FEDORA-2019-4adc49a476",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20191031-0003/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
          },
          {
            "name": "RHSA-2019:3286",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3286"
          },
          {
            "name": "RHSA-2019:3287",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3287"
          },
          {
            "name": "RHSA-2019:3299",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3299"
          },
          {
            "name": "RHSA-2019:3300",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3300"
          },
          {
            "name": "FEDORA-2019-187ae3128d",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
          },
          {
            "name": "FEDORA-2019-7bb07c3b02",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
          },
          {
            "name": "openSUSE-SU-2019:2441",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
          },
          {
            "name": "RHSA-2019:3724",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3724"
          },
          {
            "name": "RHSA-2019:3735",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3735"
          },
          {
            "name": "RHSA-2019:3736",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3736"
          },
          {
            "name": "https://www.synology.com/security/advisory/Synology_SA_19_36",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
          },
          {
            "name": "openSUSE-SU-2019:2457",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
          },
          {
            "name": "https://support.apple.com/kb/HT210919",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT210919"
          },
          {
            "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2020/Jan/44"
          },
          {
            "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
          },
          {
            "name": "RHSA-2020:0322",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2020:0322"
          },
          {
            "name": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
          },
          {
            "name": "https://www.tenable.com/security/tns-2021-14",
            "refsource": "CONFIRM",
            "url": "https://www.tenable.com/security/tns-2021-14"
          }
        ]
      },
      "source": {
        "defect": [
          "https://bugs.php.net/bug.php?id=78599"
        ],
        "discovery": "EXTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening. "
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.1.33",
                "versionStartIncluding": "7.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.3.11",
                "versionStartIncluding": "7.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.2.24",
                "versionStartIncluding": "7.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@php.net",
          "ID": "CVE-2019-11043"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/neex/phuip-fpizdam",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/neex/phuip-fpizdam"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=78599",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://bugs.php.net/bug.php?id=78599"
            },
            {
              "name": "USN-4166-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/4166-1/"
            },
            {
              "name": "USN-4166-2",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/4166-2/"
            },
            {
              "name": "DSA-4553",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2019/dsa-4553"
            },
            {
              "name": "DSA-4552",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2019/dsa-4552"
            },
            {
              "name": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "FEDORA-2019-4adc49a476",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20191031-0003/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
            },
            {
              "name": "RHSA-2019:3287",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3287"
            },
            {
              "name": "RHSA-2019:3286",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3286"
            },
            {
              "name": "RHSA-2019:3299",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3299"
            },
            {
              "name": "RHSA-2019:3300",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3300"
            },
            {
              "name": "FEDORA-2019-187ae3128d",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
            },
            {
              "name": "FEDORA-2019-7bb07c3b02",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
            },
            {
              "name": "openSUSE-SU-2019:2441",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
            },
            {
              "name": "RHSA-2019:3724",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3724"
            },
            {
              "name": "RHSA-2019:3735",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3735"
            },
            {
              "name": "RHSA-2019:3736",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2019:3736"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_36",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
            },
            {
              "name": "openSUSE-SU-2019:2457",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
            },
            {
              "name": "https://support.apple.com/kb/HT210919",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT210919"
            },
            {
              "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "https://seclists.org/bugtraq/2020/Jan/44"
            },
            {
              "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
            },
            {
              "name": "RHSA-2020:0322",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2020:0322"
            },
            {
              "name": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2021-14",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.tenable.com/security/tns-2021-14"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-07-22T18:15Z",
      "publishedDate": "2019-10-28T15:15Z"
    }
  }
}

CVE-2019-11043

Vulnerability from fstec - Published: 28.10.2019

Title

Уязвимость компонента sapi/fpm/fpm/fpm_main.c расширения PHP-FPM интерпретатора языка программирования PHP, позволяющая нарушителю выполнять произвольные команды

Description

Уязвимость компонента sapi/fpm/fpm/fpm_main.c расширения PHP-FPM интерпретатора языка программирования PHP связана с ошибками переполнения буфера. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнять произвольные команды на уязвимом сервере с помощью специально сформированного URL

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Vendor

ООО «РусБИТех-Астра», Red Hat Inc., Canonical Ltd., Сообщество свободного программного обеспечения, Fedora Project, Novell Inc., PHP Group, АО «ИВК», АО «Концерн ВНИИНС»

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Ubuntu, Debian GNU/Linux, Fedora, OpenSUSE Leap, PHP, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Альт 8 СП (запись в едином реестре российских программ №4305), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

1.5 «Смоленск» (Astra Linux Special Edition), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 29 (Fedora), 12.04 ESM (Ubuntu), 19.04 (Ubuntu), 8 (Red Hat Enterprise Linux), 15.0 (OpenSUSE Leap), 15.1 (OpenSUSE Leap), 30 (Fedora), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 31 (Fedora), 19.10 (Ubuntu), от 7.1.0 до 7.1.33 (PHP), от 7.2.0 до 7.2.24 (PHP), от 7.3.0 до 7.3.11 (PHP), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), - (Альт 8 СП), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для PHP: https://bugs.php.net/bug.php?id=78599 Для Debian GNU/Linux: Обновление программного обеспечения (пакета php5) до 5.6.40+dfsg-0+deb8u7 или более поздней версии Обновление программного обеспечения (пакета php7.0) до 7.0.33-0+deb9u6 или более поздней версии Обновление программного обеспечения (пакета php7.3) до 7.3.11-1~deb10u1 или более поздней версии Для программных продуктов Novell Inc.: https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/ Для Ubuntu: https://usn.ubuntu.com/4166-2/ https://usn.ubuntu.com/4166-1/ Для программных продуктов Red Hat Inc.: https://bugzilla.redhat.com/show_bug.cgi?id=1766378 Для Astra Linux: Обновление программного обеспечения (пакета php5) до 5.6.40+dfsg-0+deb8u7 или более поздней версии Обновление программного обеспечения (пакета php7.0) до 7.0.33-0+deb9u6 или более поздней версии Обновление программного обеспечения (пакета php7.3) до 7.3.11-1~deb10u1 или более поздней версии Для PHP 5: Обновление программного обеспечения до 5.6.40+dfsg-0+deb8u7 или более поздней версии Для PHP 7.0: Обновление программного обеспечения до 7.0.33-0+deb9u6 или более поздней версии Для PHP 7.3: Обновление программного обеспечения до 7.3.10-1 или более поздней версии Для ОС ОН «Стрелец»: Обновление программного обеспечения php7.0 до версии 7.0.33.repack1-0+deb9u10.osnova6 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства

Reference

https://securitylab.ru/news/502087.php https://github.com/neex/phuip-fpizdam https://nvd.nist.gov/vuln/detail/CVE-2019-11043 https://bugs.php.net/bug.php?id=78599 https://www.debian.org/security/2019/dsa-4552 https://www.debian.org/security/2019/dsa-4553 https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/ https://usn.ubuntu.com/4166-2/ https://usn.ubuntu.com/4166-1/ https://bugzilla.redhat.com/show_bug.cgi?id=1766378 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://altsp.su/obnovleniya-bezopasnosti/ https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-120, CWE-787

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:N",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, Novell Inc., PHP Group, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 29 (Fedora), 12.04 ESM (Ubuntu), 19.04 (Ubuntu), 8 (Red Hat Enterprise Linux), 15.0 (OpenSUSE Leap), 15.1 (OpenSUSE Leap), 30 (Fedora), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 31 (Fedora), 19.10 (Ubuntu), \u043e\u0442 7.1.0 \u0434\u043e 7.1.33 (PHP), \u043e\u0442 7.2.0 \u0434\u043e 7.2.24 (PHP), \u043e\u0442 7.3.0 \u0434\u043e 7.3.11 (PHP), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f PHP:\nhttps://bugs.php.net/bug.php?id=78599\n\n\u0414\u043b\u044f Debian GNU/Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php5) \u0434\u043e 5.6.40+dfsg-0+deb8u7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php7.0) \u0434\u043e 7.0.33-0+deb9u6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php7.3) \u0434\u043e 7.3.11-1~deb10u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4166-2/\nhttps://usn.ubuntu.com/4166-1/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1766378\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php5) \u0434\u043e 5.6.40+dfsg-0+deb8u7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php7.0) \u0434\u043e 7.0.33-0+deb9u6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 php7.3) \u0434\u043e 7.3.11-1~deb10u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f PHP 5:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 5.6.40+dfsg-0+deb8u7 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f PHP 7.0:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 7.0.33-0+deb9u6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f PHP 7.3:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 7.3.10-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f php7.0 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 7.0.33.repack1-0+deb9u10.osnova6\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "28.10.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.01.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00013",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-11043",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Ubuntu, Debian GNU/Linux, Fedora, OpenSUSE Leap, PHP, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 6 , Red Hat Inc. Red Hat Enterprise Linux 7 , Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora Project Fedora 29 , Canonical Ltd. Ubuntu 12.04 ESM , Canonical Ltd. Ubuntu 19.04 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. OpenSUSE Leap 15.0 , Novell Inc. OpenSUSE Leap 15.1 , Fedora Project Fedora 30 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Fedora Project Fedora 31 , Canonical Ltd. Ubuntu 19.10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 sapi/fpm/fpm/fpm_main.c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f PHP-FPM \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0430 \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f PHP, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 sapi/fpm/fpm/fpm_main.c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f PHP-FPM \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0430 \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f PHP \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e URL",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://securitylab.ru/news/502087.php\nhttps://github.com/neex/phuip-fpizdam\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11043\nhttps://bugs.php.net/bug.php?id=78599\nhttps://www.debian.org/security/2019/dsa-4552\nhttps://www.debian.org/security/2019/dsa-4553\nhttps://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/\nhttps://usn.ubuntu.com/4166-2/\nhttps://usn.ubuntu.com/4166-1/\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1766378\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120, CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,7)"
}

CVE-2019-11043

Vulnerability from osv_almalinux

Published

2019-11-06 13:15

Modified

2019-11-06 13:15

Summary

Critical: php:7.2 security update

Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "apcu-panel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1-2.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pear"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.10.5-9.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.12-2.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.3-1.module_el8.5.0+53+9945c2af"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.3-1.module_el8.4.0+2228+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.3-1.module_el8.3.0+2010+7c76a223"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "id": "ALSA-2019:3735",
  "modified": "2019-11-06T13:15:21Z",
  "published": "2019-11-06T13:15:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2019-3735.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-11043"
    }
  ],
  "related": [
    "CVE-2019-11043"
  ],
  "summary": "Critical: php:7.2 security update"
}

CVE-2019-11043

Vulnerability from osv_almalinux

Published

2019-11-06 13:15

Modified

2019-11-06 13:15

Summary

Critical: php:7.3 security update

Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "apcu-panel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libzip-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.2-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pear"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.10.9-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-apcu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.17-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.4-1.module_el8.4.0+2229+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.4-1.module_el8.5.0+152+112d3b8c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "php-pecl-zip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.4-1.module_el8.3.0+2009+b272fdef"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "id": "ALSA-2019:3736",
  "modified": "2019-11-06T13:15:34Z",
  "published": "2019-11-06T13:15:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2019-3736.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-11043"
    }
  ],
  "related": [
    "CVE-2019-11043"
  ],
  "summary": "Critical: php:7.3 security update"
}

CERTFR-2019-ALE-014

Vulnerability from certfr_alerte - Published: 2019-10-29 - Updated: 2020-01-08

Le CERT-FR a publié un avis concernant la CVE-2019-11043 qui affecte PHP et permet l'exécution de code arbitraire à distance.

Un code d'exploitation est maintenant disponible sur internet, facilitant l'utilisation de cette vulnérabilité.

Ce code d'exploitation nécessite une configuration communément recommandée de nginx et php-fpm utilisant fastcgi_split_path_info. Voici un exemple de configuration vulnérable:

location ~ [^/]\.php(/|$) {
 ...
 fastcgi_split_path_info ^(.+?\.php)(/.*)$;
 fastcgi_param PATH_INFO $fastcgi_path_info;
 fastcgi_pass php:9000;
 ...
}

Il est possible que d'autres chemins d'exploitation non connus à ce jour permettent d'abuser de la vulnérabilité.

Le CERT-FR recommande fortement la mise à jour de php vers une version non vulnérable, et ce dans les plus brefs délais si votre configuration nginx utilise fastcgi_split_path_info.

Les versions de PHP antérieures à 7.1 peuvent être également affectées, et ne bénéficieront pas de mise à jour. Il est primordial d'utiliser une version supportée par l'éditeur.

Solution

Le CERT-FR recommande de mettre à jour PHP vers une version non vulnérable sans attendre.

Contournement provisoire

Il est possible de se prémunir contre ce code d'exploitation en vérifiant l'existence du fichier PHP. Ainsi, les requêtes malformées sont filtrées au niveau de nginx, de cette manière l'attaquant n'est pas capable d'exploiter la vulnérabilité dans php-fpm.

Afin de mettre en place ce contournement provisoire, il faut insérer try_files $uri =404; avant de passer la requête à php-fpm (avant la ligne fastcgi_pass dans l'exemple plus haut).

None

Impacted products

Vendor	Product	Description
PHP	PHP	PHP versions 7.3.x antérieures à 7.3.11
PHP	PHP	PHP versions 7.1.x antérieures à 7.1.33
PHP	PHP	PHP versions 7.2.x antérieures à 7.2.24

References

Title

Publication Time

Tags

Bulletin de sécurité PHP 7.3.11 du 24 octobre 2019	None	vendor-advisory
Bulletin de sécurité PHP 7.1.33 du 24 octobre 2019	None	vendor-advisory
Bulletin de sécurité PHP 7.2.24 du 24 octobre 2019	None	vendor-advisory
Avis du CertFR du 24 octobre 2019	None	vendor-advisory
Article de la société Tenable du 24 octobre 2019	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PHP versions 7.3.x ant\u00e9rieures \u00e0 7.3.11",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.1.x ant\u00e9rieures \u00e0 7.1.33",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    },
    {
      "description": "PHP versions 7.2.x ant\u00e9rieures \u00e0 7.2.24",
      "product": {
        "name": "PHP",
        "vendor": {
          "name": "PHP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2020-01-08",
  "content": "## Solution\n\nLe CERT-FR recommande de mettre \u00e0 jour PHP vers une version non\nvuln\u00e9rable sans attendre.\n\n## Contournement provisoire\n\nIl est possible de se pr\u00e9munir contre ce code d\u0027exploitation en\nv\u00e9rifiant l\u0027existence du fichier PHP. Ainsi, les requ\u00eates malform\u00e9es\nsont filtr\u00e9es au niveau de nginx, de cette mani\u00e8re l\u0027attaquant n\u0027est pas\ncapable d\u0027exploiter la vuln\u00e9rabilit\u00e9 dans php-fpm.\n\nAfin de mettre en place ce contournement provisoire, il faut ins\u00e9rer\n`try_files $uri =404;` avant de passer la requ\u00eate \u00e0 php-fpm (avant la\nligne `fastcgi_pass` dans l\u0027exemple plus haut).\n",
  "cves": [
    {
      "name": "CVE-2019-11043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
    }
  ],
  "initial_release_date": "2019-10-29T00:00:00",
  "last_revision_date": "2020-01-08T00:00:00",
  "links": [
    {
      "title": "Article de la soci\u00e9t\u00e9 Tenable du 24 octobre 2019",
      "url": "https://www.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx"
    }
  ],
  "reference": "CERTFR-2019-ALE-014",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-10-29T00:00:00.000000"
    },
    {
      "description": "Ajout du contournement",
      "revision_date": "2019-10-30T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2020-01-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le CERT-FR a publi\u00e9 un avis concernant la CVE-2019-11043 qui affecte PHP\net permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\nUn code d\u0027exploitation est maintenant disponible sur internet,\nfacilitant l\u0027utilisation de cette vuln\u00e9rabilit\u00e9.\n\nCe code d\u0027exploitation n\u00e9cessite une configuration commun\u00e9ment\nrecommand\u00e9e de nginx et php-fpm utilisant `fastcgi_split_path_info`.\nVoici un exemple de configuration vuln\u00e9rable:\n\n    location ~ [^/]\\.php(/|$) {\n     ...\n     fastcgi_split_path_info ^(.+?\\.php)(/.*)$;\n     fastcgi_param PATH_INFO $fastcgi_path_info;\n     fastcgi_pass php:9000;\n     ...\n    }\n\nIl est possible que d\u0027autres chemins d\u0027exploitation non connus \u00e0 ce jour\npermettent d\u0027abuser de la vuln\u00e9rabilit\u00e9.\n\nLe CERT-FR recommande fortement la mise \u00e0 jour de php vers une version\nnon vuln\u00e9rable, et ce dans les plus brefs d\u00e9lais si votre configuration\nnginx utilise `fastcgi_split_path_info`.\n\nLes versions de PHP ant\u00e9rieures \u00e0 7.1 peuvent \u00eatre \u00e9galement affect\u00e9es,\net ne b\u00e9n\u00e9ficieront pas de mise \u00e0 jour. Il est primordial d\u0027utiliser une\nversion support\u00e9e par l\u0027\u00e9diteur.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.3.11 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.3.11"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.1.33 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.1.33"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 PHP 7.2.24 du 24 octobre 2019",
      "url": "https://www.php.net/ChangeLog-7.php#7.2.24"
    },
    {
      "published_at": null,
      "title": "Avis du CertFR du 24 octobre 2019",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-534/"
    }
  ]
}

FKIE_CVE-2019-11043

Vulnerability from fkie_nvd - Published: 2019-10-28 15:15 - Updated: 2025-11-03 19:23

Severity ?

8.7 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@php.net	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html	Mailing List, Third Party Advisory
security@php.net	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html	Mailing List, Third Party Advisory
security@php.net	http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@php.net	http://seclists.org/fulldisclosure/2020/Jan/40	Mailing List, Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3286	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3287	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3299	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3300	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3724	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3735	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2019:3736	Third Party Advisory
security@php.net	https://access.redhat.com/errata/RHSA-2020:0322	Third Party Advisory
security@php.net	https://bugs.php.net/bug.php?id=78599	Exploit, Issue Tracking, Patch, Vendor Advisory
security@php.net	https://github.com/neex/phuip-fpizdam	Exploit, Third Party Advisory
security@php.net	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/	Mailing List, Third Party Advisory
security@php.net	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/	Mailing List, Third Party Advisory
security@php.net	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/	Mailing List, Third Party Advisory
security@php.net	https://seclists.org/bugtraq/2020/Jan/44	Mailing List, Third Party Advisory
security@php.net	https://security.netapp.com/advisory/ntap-20191031-0003/	Third Party Advisory
security@php.net	https://support.apple.com/kb/HT210919	Third Party Advisory
security@php.net	https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS	Third Party Advisory
security@php.net	https://usn.ubuntu.com/4166-1/	Third Party Advisory
security@php.net	https://usn.ubuntu.com/4166-2/	Third Party Advisory
security@php.net	https://www.debian.org/security/2019/dsa-4552	Mailing List, Third Party Advisory
security@php.net	https://www.debian.org/security/2019/dsa-4553	Mailing List, Third Party Advisory
security@php.net	https://www.synology.com/security/advisory/Synology_SA_19_36	Third Party Advisory
security@php.net	https://www.tenable.com/security/tns-2021-14	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2020/Jan/40	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3286	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3287	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3299	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3300	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3724	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3735	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3736	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0322	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugs.php.net/bug.php?id=78599	Exploit, Issue Tracking, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/neex/phuip-fpizdam	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2020/Jan/44	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20191031-0003/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT210919	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4166-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4166-2/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2019/dsa-4552	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2019/dsa-4553	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/security/advisory/Synology_SA_19_36	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/tns-2021-14	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043	US Government Resource

Impacted products

Vendor	Product	Version
php	php	*
php	php	*
php	php	*
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	18.04
canonical	ubuntu_linux	19.04
canonical	ubuntu_linux	19.10
debian	debian_linux	9.0
debian	debian_linux	10.0
fedoraproject	fedora	29
fedoraproject	fedora	30
fedoraproject	fedora	31
tenable	tenable.sc	*
redhat	software_collections	1.0
redhat	enterprise_linux	8.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	7.7
redhat	enterprise_linux_eus	8.1
redhat	enterprise_linux_eus	8.2
redhat	enterprise_linux_eus	8.4
redhat	enterprise_linux_eus	8.6
redhat	enterprise_linux_eus	8.8
redhat	enterprise_linux_eus_compute_node	7.7
redhat	enterprise_linux_for_arm_64	8.0_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.1_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.2_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.4_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.6_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.8_aarch64
redhat	enterprise_linux_for_ibm_z_systems	6.0_s390x
redhat	enterprise_linux_for_ibm_z_systems	7.0_s390x
redhat	enterprise_linux_for_ibm_z_systems	8.0_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	7.7_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.1_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.2_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.4_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.6_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.8_s390x
redhat	enterprise_linux_for_power_big_endian	6.0_ppc64
redhat	enterprise_linux_for_power_big_endian	7.0_ppc64
redhat	enterprise_linux_for_power_big_endian_eus	7.7_ppc64
redhat	enterprise_linux_for_power_little_endian	7.0_ppc64le
redhat	enterprise_linux_for_power_little_endian	8.0_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	7.7_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.1_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.2_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.4_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.6_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.8_ppc64le
redhat	enterprise_linux_for_scientific_computing	7.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	7.7
redhat	enterprise_linux_server_aus	8.2
redhat	enterprise_linux_server_aus	8.4
redhat	enterprise_linux_server_aus	8.6
redhat	enterprise_linux_server_tus	7.7
redhat	enterprise_linux_server_tus	8.2
redhat	enterprise_linux_server_tus	8.4
redhat	enterprise_linux_server_tus	8.6
redhat	enterprise_linux_server_tus	8.8
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0

JSON

To clipboard

{
  "cisaActionDue": "2022-04-15",
  "cisaExploitAdd": "2022-03-25",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C2F51F-19AA-4313-AE96-59F46F55D200",
              "versionEndExcluding": "7.1.33",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F43FF3-D1EB-473C-9B3A-96C21F63117D",
              "versionEndExcluding": "7.2.24",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C83E2A-D2FD-4A12-BD6A-6D48EDFFACC4",
              "versionEndExcluding": "7.3.11",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
              "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
              "versionEndExcluding": "5.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D7EE4B6-A6EC-4B9B-91DF-79615796673F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DAA8C42-870A-42B4-AE9F-7C67F4122ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF1A19F-8A15-471A-B496-E1B4BA788356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7EC1D-5979-42E6-9DA6-355B53431F3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE49DCA5-1B01-4478-A1E9-2E87E948A0C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B7CE5C-BFEA-4F96-9759-D511EF189059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*",
              "matchCriteriaId": "213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "2148300C-ECBD-4ED5-A164-79629859DD43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "00966AC5-1C84-4B5F-9665-5E99D4AEB3A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D04F433-CB52-4F3D-8711-39D3BDA27FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "07332196-7E36-4E95-81BC-DD959629C1BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "B758EDC9-6421-422C-899E-A273D2936D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A584AAA-A14F-4C64-8FED-675DC36F69A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "418488A5-2912-406C-9337-B8E85D0C2B57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "F505D098-2143-4218-A528-D92BFC017FFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E5CEC7-D3B9-4895-96E9-E26D2ACF1AE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28CF82-799F-4A6E-B1DB-0AB423E6C05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C30C59-07F7-4CCE-B057-052ECCD36DB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*",
              "matchCriteriaId": "F91F9255-4EE1-43C7-8831-D2B6C228BFD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
    },
    {
      "lang": "es",
      "value": "En PHP versiones 7.1.x anteriores a la versi\u00f3n  7.1.33, versiones 7.2.x anteriores a la versi\u00f3n 7.2.24 y versiones 7.3.x anteriores a 7.3.11, en ciertas configuraciones del FPM setup, es posible causar que el m\u00f3dulo FPM escriba m\u00e1s all\u00e1 de los b\u00faferes asignados en el espacio reservado para datos de protocolo FCGI, abriendo as\u00ed la posibilidad de ejecuci\u00f3n de c\u00f3digo remota."
    }
  ],
  "id": "CVE-2019-11043",
  "lastModified": "2025-11-03T19:23:46.417",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.8,
        "source": "security@php.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-28T15:15:13.863",
  "references": [
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3286"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3287"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3299"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3300"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3724"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3735"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3736"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0322"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=78599"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/neex/phuip-fpizdam"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2020/Jan/44"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT210919"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4166-1/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4166-2/"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4552"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4553"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
    },
    {
      "source": "security@php.net",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3286"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3736"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2020:0322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=78599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/neex/phuip-fpizdam"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2020/Jan/44"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20191031-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT210919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4166-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4166-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_36"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-14"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043"
    }
  ],
  "sourceIdentifier": "security@php.net",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@php.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-11043 (GCVE-0-2019-11043)

Solution

Solution

Solution

Solution

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Solution

Contournement provisoire

Tags

Sightings

Nomenclature