vulnerability
Alma Linux: CVE-2021-21702: Moderate: php:7.4 security, bug fix, and enhancement update (ALSA-2021-4213)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 15, 2021 | May 13, 2022 | Nov 26, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 15, 2021
Added
May 13, 2022
Modified
Nov 26, 2024
Description
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.
Solution(s)
alma-upgrade-apcu-panelalma-upgrade-libzipalma-upgrade-libzip-develalma-upgrade-libzip-toolsalma-upgrade-phpalma-upgrade-php-bcmathalma-upgrade-php-clialma-upgrade-php-commonalma-upgrade-php-dbaalma-upgrade-php-dbgalma-upgrade-php-develalma-upgrade-php-embeddedalma-upgrade-php-enchantalma-upgrade-php-ffialma-upgrade-php-fpmalma-upgrade-php-gdalma-upgrade-php-gmpalma-upgrade-php-intlalma-upgrade-php-jsonalma-upgrade-php-ldapalma-upgrade-php-mbstringalma-upgrade-php-mysqlndalma-upgrade-php-odbcalma-upgrade-php-opcachealma-upgrade-php-pdoalma-upgrade-php-pearalma-upgrade-php-pecl-apcualma-upgrade-php-pecl-apcu-develalma-upgrade-php-pecl-rrdalma-upgrade-php-pecl-xdebugalma-upgrade-php-pecl-zipalma-upgrade-php-pgsqlalma-upgrade-php-processalma-upgrade-php-snmpalma-upgrade-php-soapalma-upgrade-php-xmlalma-upgrade-php-xmlrpc
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.