php7

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A general-purpose scripting language that is especially suited to web development
Version 7.4.25-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2487 7.4.24-2 7.4.25-1 Medium Fixed
AVG-2421 7.4.23-1 7.4.24-1 Medium Not affected
AVG-2133 7.4.20-1 7.4.21-1 Medium Fixed
AVG-1532 7.4.14-1 7.4.15-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-21706 AVG-2421 Medium Yes Directory traversal
A security issue has been found in PHP on Windows before versions 8.0.11 and 7.4.24. It is possible to construct ZIP archives containing files which are...
CVE-2021-21705 AVG-2133 Medium Yes Insufficient validation
A security issue was found in the php_url_parse_ex() function in PHP before versions 8.0.8 and 7.4.21, which leads to FILTER_VALIDATE_URL accepting URLs...
CVE-2021-21704 AVG-2133 Medium Yes Denial of service
Multiple bugs in the pdo_firebase module allow a malicious firebase server or man-in-the-middle attacker to crash PHP before versions 8.0.8 and 7.4.21.
CVE-2021-21703 AVG-2487 Medium No Privilege escalation
A security issue was found in PHP before versions 8.0.12 and 7.4.25 in the PHP-FPM component. An out-of-bounds read/write in the root FPM at arbitrary...
CVE-2021-21702 AVG-1532 Medium Yes Denial of service
A security issue was found in PHP before versions 8.0.2, 7.4.15 and 7.3.27. PHP will crash with a SIGSEGV via null-pointer dereference whenever an XML is...

Advisories

Date Advisory Group Severity Type
06 Jul 2021 ASA-202107-16 AVG-2133 Medium multiple issues
06 Feb 2021 ASA-202102-14 AVG-1532 Medium denial of service