CVE-2021-21704 - log back

CVE-2021-21704 edited at 02 Jul 2021 13:15:16
Description
- A bug in the pdo_firebase module allows a malicious firebase server or man-in-the-middle attacker to crash PHP before versions 8.0.8 and 7.4.21.
+ Multiple bugs in the pdo_firebase module allow a malicious firebase server or man-in-the-middle attacker to crash PHP before versions 8.0.8 and 7.4.21.
References
https://www.php.net/ChangeLog-8.php#8.0.8
https://www.php.net/ChangeLog-7.php#7.4.21
+ https://bugs.php.net/bug.php?id=76448
+ https://bugs.php.net/bug.php?id=76449
+ https://bugs.php.net/bug.php?id=76450
https://bugs.php.net/bug.php?id=76452
https://github.com/php/php-src/commit/1edd284cd56ce4c23f6fdf66050e4a722e6515c5
+ https://github.com/php/php-src/commit/8cb87aabba0b2e284428aabca13401d1ad54bc97
+ https://github.com/php/php-src/commit/921f320ec2baabd24e5ff182d9fb73092eb28676
+ https://github.com/php/php-src/commit/c8620a753114fac789016a4e6ae9c9b1210be10f
https://github.com/php/php-src/commit/1d4c3114afe8f7dde51f917cd14dc4600a3a40f0
+ https://github.com/php/php-src/commit/922ea3419923c74471f01ff8c6ea30f0a07d8e19
+ https://github.com/php/php-src/commit/08fc2960bccd4f04031d10099c82cf8d76cfa501
+ https://github.com/php/php-src/commit/e92d5edeeeed809bc3a06b165e4f0a63bcabdb92
CVE-2021-21704 edited at 02 Jul 2021 13:09:45
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A bug in the pdo_firebase module allows a malicious firebase server or man-in-the-middle attacker to crash PHP before versions 8.0.8 and 7.4.21.
References
+ https://www.php.net/ChangeLog-8.php#8.0.8
+ https://www.php.net/ChangeLog-7.php#7.4.21
+ https://bugs.php.net/bug.php?id=76452
+ https://github.com/php/php-src/commit/1edd284cd56ce4c23f6fdf66050e4a722e6515c5
+ https://github.com/php/php-src/commit/1d4c3114afe8f7dde51f917cd14dc4600a3a40f0
Notes
CVE-2021-21704 created at 02 Jul 2021 13:03:36