In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: php

Published: 2021-10-04T04:00:13.838637Z

Updated: 2024-09-17T00:45:32.187Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-21704

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-10-04T04:15:07.737

Modified: 2022-10-25T14:58:32.663

Link: CVE-2021-21704

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-07-01T00:00:00Z

Links: CVE-2021-21704 - Bugzilla