DEBIAN-CVE-2021-21704

DEBIAN-CVE-2021-21704 PUBLISHED CVSS 5.900000095367432 MEDIUM

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	php7.4	0, 0, 0

Timeline

Oct 4, 2021 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2021-21704 advisory

Open in Interactive Console →