Uncategorized

CVE-2019-11043 – Vulnerability in PHP-FPM Could Lead to Remote Code Execution on nginx – mitigation applied

Pending the qualification of the release of the RPM for PHP7.3.11 (we have deprecated PHP7.2 and earlier across our core webservers), we have applied mitigations to all hosted customer websites.

Whilst we have made every effort to test for any anomalies that might be caused by the patch, given the scale of the mitigation, we are unable to verify that every PHP powered website continues to work as planned. Do let us know via email or in the contact form if this mitigation impacts your website in any way.

For details of CVE-2019-11043, read here