Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2021-21707

Published: 29/11/2021 Updated: 16/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Php

Vulnerability Summary

It exists that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. (CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

php php

netapp clustered data ontap -

debian debian linux 10.0

debian debian linux 11.0

tenable tenable.sc

Vendor Advisories

Red Hat: Important: rh-php73-php security and bug fix update
Synopsis Important: rh-php73-php security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for rh-php73-php is now available for Red Hat Software CollectionsRed Hat Product Security has rated ...
Red Hat: Moderate: php:7.4 security, bug fix, and enhancement update
Synopsis Moderate: php:74 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the php:74 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security ...
Debian Security Advisories: DSA-5082-1 php7.4 -- security update
Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of service For the stable distribution (bullseye), these problems have been fixed in version 7428-1+deb11u1 We recommend that you upgrade your php74 packages For the detailed security statu ...
Ubuntu Security Notice: USN-5300-2: PHP vulnerabilities
Several security issues were fixed in PHP ...
Ubuntu Security Notice: USN-5300-1: PHP vulnerabilities
Several security issues were fixed in PHP ...
Ubuntu Security Notice: USN-5300-3: PHP vulnerabilities
Several security issues were fixed in PHP ...
Amazon Linux 2: ALASPHP8.0-2023-001
A flaw was found in php The main cause of this vulnerability is improper input validation while parsing an Extensible Markup Language(XML) entity A special character could allow an attacker to traverse directories The highest threat from this vulnerability is confidentiality (CVE-2021-21707) ...
Arch Linux Issues:
A security issue has been found in PHP before versions 8013 and 7426 where a libxml-based XML functions accepting a filename actually accept URIs with possibly percent-encoded characters ...
Amazon Linux 2022: ALAS2022-2022-073
A flaw was found in php The main cause of this vulnerability is improper input validation while parsing an Extensible Markup Language(XML) entity A special character could allow an attacker to traverse directories The highest threat from this vulnerability is confidentiality (CVE-2021-21707) A flaw was found in PHP The vulnerability occurs d ...
Tenable Security Advisories: [R1] Tenable.sc 5.21.0 Fixes Multiple Third-Party Vulnerabilities
Tenablesc leverages third-party software to help provide underlying functionality Several of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact ...

Github Repositories

https://github.com/pgurudatta/php-version-audit

PHP Version Audit PHP Version Audit is a convenience tool to easily check a given PHP version against a regularly updated list of CVE exploits, new releases, and end of life dates PHP Version Audit is not: exploit detection/mitigation, vendor-specific version tracking, a replacement for staying informed on PHP releases and security exploits Features Example Usage D

https://github.com/lightswitch05/php-version-audit

Audit your PHP version for known CVEs and patches

PHP Version Audit PHP Version Audit is a convenience tool to easily check a given PHP version against a regularly updated list of CVE exploits, new releases, and end of life dates PHP Version Audit is not: exploit detection/mitigation, vendor-specific version tracking, a replacement for staying informed on PHP releases and security exploits Features Example Usage D

References

NVD-CWE-Otherhttps://bugs.php.net/bug.php?id=79971https://security.netapp.com/advisory/ntap-20211223-0005/https://www.debian.org/security/2022/dsa-5082https://www.tenable.com/security/tns-2022-09https://lists.debian.org/debian-lts-announce/2022/12/msg00030.htmlhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2022:5491https://ubuntu.com/security/notices/USN-5300-2https://www.debian.org/security/2022/dsa-5082
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook