In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2021-10-04T04:00:13.838637Z
Updated: 2024-09-17T00:45:32.187Z
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-21704
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-04T04:15:07.737
Modified: 2022-10-25T14:58:32.663
Link: CVE-2021-21704
Redhat