vulnerability
Red Hat: CVE-2021-21702: CVE-2021-21702 php: NULL pointer dereference in SoapClient (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 15, 2021 | Nov 10, 2021 | Aug 11, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Feb 15, 2021
Added
Nov 10, 2021
Modified
Aug 11, 2025
Description
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-apcu-panelredhat-upgrade-libzipredhat-upgrade-libzip-debuginforedhat-upgrade-libzip-debugsourceredhat-upgrade-libzip-develredhat-upgrade-libzip-toolsredhat-upgrade-libzip-tools-debuginforedhat-upgrade-phpredhat-upgrade-php-bcmathredhat-upgrade-php-bcmath-debuginforedhat-upgrade-php-cliredhat-upgrade-php-cli-debuginforedhat-upgrade-php-commonredhat-upgrade-php-common-debuginforedhat-upgrade-php-dbaredhat-upgrade-php-dba-debuginforedhat-upgrade-php-dbgredhat-upgrade-php-dbg-debuginforedhat-upgrade-php-debuginforedhat-upgrade-php-debugsourceredhat-upgrade-php-develredhat-upgrade-php-embeddedredhat-upgrade-php-embedded-debuginforedhat-upgrade-php-enchantredhat-upgrade-php-enchant-debuginforedhat-upgrade-php-ffiredhat-upgrade-php-ffi-debuginforedhat-upgrade-php-fpmredhat-upgrade-php-fpm-debuginforedhat-upgrade-php-gdredhat-upgrade-php-gd-debuginforedhat-upgrade-php-gmpredhat-upgrade-php-gmp-debuginforedhat-upgrade-php-intlredhat-upgrade-php-intl-debuginforedhat-upgrade-php-jsonredhat-upgrade-php-json-debuginforedhat-upgrade-php-ldapredhat-upgrade-php-ldap-debuginforedhat-upgrade-php-mbstringredhat-upgrade-php-mbstring-debuginforedhat-upgrade-php-mysqlndredhat-upgrade-php-mysqlnd-debuginforedhat-upgrade-php-odbcredhat-upgrade-php-odbc-debuginforedhat-upgrade-php-opcacheredhat-upgrade-php-opcache-debuginforedhat-upgrade-php-pdoredhat-upgrade-php-pdo-debuginforedhat-upgrade-php-pearredhat-upgrade-php-pecl-apcuredhat-upgrade-php-pecl-apcu-debuginforedhat-upgrade-php-pecl-apcu-debugsourceredhat-upgrade-php-pecl-apcu-develredhat-upgrade-php-pecl-rrdredhat-upgrade-php-pecl-rrd-debuginforedhat-upgrade-php-pecl-rrd-debugsourceredhat-upgrade-php-pecl-xdebugredhat-upgrade-php-pecl-xdebug-debuginforedhat-upgrade-php-pecl-xdebug-debugsourceredhat-upgrade-php-pecl-zipredhat-upgrade-php-pecl-zip-debuginforedhat-upgrade-php-pecl-zip-debugsourceredhat-upgrade-php-pgsqlredhat-upgrade-php-pgsql-debuginforedhat-upgrade-php-processredhat-upgrade-php-process-debuginforedhat-upgrade-php-snmpredhat-upgrade-php-snmp-debuginforedhat-upgrade-php-soapredhat-upgrade-php-soap-debuginforedhat-upgrade-php-xmlredhat-upgrade-php-xml-debuginforedhat-upgrade-php-xmlrpcredhat-upgrade-php-xmlrpc-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.