CVE-2019-11043: PHP FastCGI Process Manager (FPM) Buffer Overflow
PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability. In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
- CISA KEV-listed (remediation due 2022-04-15)
- used in ransomware campaigns
- EPSS 94.1% (99.9% percentile)