PHP-FPM Critical Vulnerability (CVE-2019-11043)

It became known about the critical vulnerability of PHP-FPM (CVE-2019-11043), which allows you to remotely execute malicious code on the server.

Corrective releases of PHP 7.3.11, 7.1.33 and 7.2.24 are already available, which fixed this vulnerability. You can find them here.

By information, the attack is possible in nginx configurations, in which the PHP-FPM forwarding is performed with the separation of URL parts using “fastcgi_split_path_info” and the definition of the PATH_INFO environment variable, but without first checking the existence of the file with the “try_files $fastcgi_script_name” directive or the “if (!-f $document_root$fastcgi_script_name)”.


▪ Стабильные.
▪ В рублях.
▪ Не зависят от $ и €.
▪ Мы  !
▪ Скидка при оплате за год!

Юридическим лицам

Договор и полный комплект бухгалтерских документов по почте.

This website uses anonymous performance cookies to ensure you get the best experience on our website. We never use targeting or advertising cookies.