Loading
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
Use CWE-120, Php vendor hub and Php product page to widen CVE-2019-11043 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-11235, CVE-2025-14180 and CVE-2025-14178 for nearby disclosures in the same product family.