CVE-2021-21702 log

Severity Medium
Remote Yes
Type Denial of service
A security issue was found in PHP before versions 8.0.2, 7.4.15 and 7.3.27. PHP will crash with a SIGSEGV via null-pointer dereference whenever an XML is provided to the SoapClient query() function without an existing field. The issue is fixed in versions 8.0.2, 7.4.15 and 7.3.27.
Group Package Affected Fixed Severity Status Ticket
AVG-1532 php7 7.4.14-1 7.4.15-1 Medium Fixed
AVG-1531 php 8.0.1-1 8.0.2-1 Medium Fixed
Date Advisory Group Package Severity Type
07 Feb 2021 ASA-202102-15 AVG-1531 php Medium denial of service
06 Feb 2021 ASA-202102-14 AVG-1532 php7 Medium denial of service