Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-21707

A flaw was found in php. The main cause of this vulnerability is improper input validation while parsing an Extensible Markup Language(XML) entity. A special character could allow an attacker to traverse directories. The highest threat from this vulnerability is confidentiality. (CVE-2021-21707)

Source

ALASPHP8.0-2023-001

Amazon Linux 2 Security Advisory: ALASPHP8.0-2023-001
Advisory Release Date: 2023-08-04 20:34 Pacific
Advisory Updated Date: 2023-09-13 19:32 Pacific

Severity: Medium

References: CVE-2021-21707
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in php. The main cause of this vulnerability is improper input validation while parsing an Extensible Markup Language(XML) entity. A special character could allow an attacker to traverse directories. The highest threat from this vulnerability is confidentiality. (CVE-2021-21707)

Affected Packages:

php

Issue Correction:
Run yum update php to update your system.

New Packages:

aarch64:
    php-8.0.13-1.amzn2.aarch64
    php-cli-8.0.13-1.amzn2.aarch64
    php-dbg-8.0.13-1.amzn2.aarch64
    php-fpm-8.0.13-1.amzn2.aarch64
    php-common-8.0.13-1.amzn2.aarch64
    php-devel-8.0.13-1.amzn2.aarch64
    php-opcache-8.0.13-1.amzn2.aarch64
    php-ldap-8.0.13-1.amzn2.aarch64
    php-pdo-8.0.13-1.amzn2.aarch64
    php-mysqlnd-8.0.13-1.amzn2.aarch64
    php-pgsql-8.0.13-1.amzn2.aarch64
    php-process-8.0.13-1.amzn2.aarch64
    php-odbc-8.0.13-1.amzn2.aarch64
    php-soap-8.0.13-1.amzn2.aarch64
    php-snmp-8.0.13-1.amzn2.aarch64
    php-xml-8.0.13-1.amzn2.aarch64
    php-mbstring-8.0.13-1.amzn2.aarch64
    php-gd-8.0.13-1.amzn2.aarch64
    php-bcmath-8.0.13-1.amzn2.aarch64
    php-gmp-8.0.13-1.amzn2.aarch64
    php-dba-8.0.13-1.amzn2.aarch64
    php-embedded-8.0.13-1.amzn2.aarch64
    php-pspell-8.0.13-1.amzn2.aarch64
    php-intl-8.0.13-1.amzn2.aarch64
    php-enchant-8.0.13-1.amzn2.aarch64
    php-sodium-8.0.13-1.amzn2.aarch64
    php-debuginfo-8.0.13-1.amzn2.aarch64

src:
    php-8.0.13-1.amzn2.src

x86_64:
    php-8.0.13-1.amzn2.x86_64
    php-cli-8.0.13-1.amzn2.x86_64
    php-dbg-8.0.13-1.amzn2.x86_64
    php-fpm-8.0.13-1.amzn2.x86_64
    php-common-8.0.13-1.amzn2.x86_64
    php-devel-8.0.13-1.amzn2.x86_64
    php-opcache-8.0.13-1.amzn2.x86_64
    php-ldap-8.0.13-1.amzn2.x86_64
    php-pdo-8.0.13-1.amzn2.x86_64
    php-mysqlnd-8.0.13-1.amzn2.x86_64
    php-pgsql-8.0.13-1.amzn2.x86_64
    php-process-8.0.13-1.amzn2.x86_64
    php-odbc-8.0.13-1.amzn2.x86_64
    php-soap-8.0.13-1.amzn2.x86_64
    php-snmp-8.0.13-1.amzn2.x86_64
    php-xml-8.0.13-1.amzn2.x86_64
    php-mbstring-8.0.13-1.amzn2.x86_64
    php-gd-8.0.13-1.amzn2.x86_64
    php-bcmath-8.0.13-1.amzn2.x86_64
    php-gmp-8.0.13-1.amzn2.x86_64
    php-dba-8.0.13-1.amzn2.x86_64
    php-embedded-8.0.13-1.amzn2.x86_64
    php-pspell-8.0.13-1.amzn2.x86_64
    php-intl-8.0.13-1.amzn2.x86_64
    php-enchant-8.0.13-1.amzn2.x86_64
    php-sodium-8.0.13-1.amzn2.x86_64
    php-debuginfo-8.0.13-1.amzn2.x86_64

Additional References

Red Hat: CVE-2021-21707

Mitre: CVE-2021-21707

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALASPHP8.0-2023-001

ALASPHP8.0-2023-001

Additional References

Vulmon Search

About

Products

Connect