Lucene search
DebianDEBIAN:DSA-4993-1:44E77HistoryOct 25, 2021 - 8:25 p.m.
[SECURITY] [DSA 4993-1] php7.3 security update
2021-10-2520:25:37
lists.debian.org
30
0.001 Low
EPSS
Percentile
51.0%
Debian Security Advisory DSA-4993-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
October 25, 2021 https://www.debian.org/security/faq
Package : php7.3
CVE ID : CVE-2021-21703
An out-of-bounds read and write flaw was discovered in the PHP-FPM code,
which could result in escalation of privileges from local unprivileged
user to the root user.
For the oldstable distribution (buster), this problem has been fixed
in version 7.3.31-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | s390x | php7.4-opcache-dbgsym | < 7.4.25-1+deb11u1 | php7.4-opcache-dbgsym_7.4.25-1+deb11u1_s390x.deb |
| Debian | 11 | ppc64el | php7.4-sybase | < 7.4.25-1+deb11u1 | php7.4-sybase_7.4.25-1+deb11u1_ppc64el.deb |
| Debian | 9 | armhf | libapache2-mod-php7.0 | < 7.0.33-0+deb9u12 | libapache2-mod-php7.0_7.0.33-0+deb9u12_armhf.deb |
| Debian | 11 | ppc64el | php7.4-dba-dbgsym | < 7.4.25-1+deb11u1 | php7.4-dba-dbgsym_7.4.25-1+deb11u1_ppc64el.deb |
| Debian | 10 | mips64el | php7.3-mysql | < 7.3.31-1~deb10u1 | php7.3-mysql_7.3.31-1~deb10u1_mips64el.deb |
| Debian | 11 | mips64el | php7.4-readline-dbgsym | < 7.4.25-1+deb11u1 | php7.4-readline-dbgsym_7.4.25-1+deb11u1_mips64el.deb |
| Debian | 10 | ppc64el | php7.3-gd | < 7.3.31-1~deb10u1 | php7.3-gd_7.3.31-1~deb10u1_ppc64el.deb |
| Debian | 10 | amd64 | php7.3-cli | < 7.3.31-1~deb10u1 | php7.3-cli_7.3.31-1~deb10u1_amd64.deb |
| Debian | 10 | i386 | php7.3-fpm-dbgsym | < 7.3.31-1~deb10u1 | php7.3-fpm-dbgsym_7.3.31-1~deb10u1_i386.deb |
| Debian | 10 | s390x | php7.3-gd | < 7.3.31-1~deb10u1 | php7.3-gd_7.3.31-1~deb10u1_s390x.deb |
Related
openvas
openvas
Fedora: Security Advisory for php (FEDORA-2021-9f68f5f752)
2021-10-30 00:00:00
Debian: Security Advisory (DSA-4992-1)
2021-10-27 00:00:00
Debian: Security Advisory (DSA-4993-1)
2021-10-27 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2022-1050)
2022-02-11 00:00:00
PHP 7.3.x < 7.3.32
2021-10-28 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : PHP vulnerability (USN-5125-1)
2021-10-27 00:00:00
debian
debian
[SECURITY] [DLA 2794-1] php7.0 security update
2021-10-27 10:46:54
[SECURITY] [DSA 4993-1] php7.3 security update
2021-10-25 20:25:37
[SECURITY] [DSA 4992-1] php7.4 security update
2021-10-25 20:20:43
osv
osv
php7.4 - security update
2021-10-25 00:00:00
php5, php7.0, php7.2, php7.4, php8.0 vulnerability
2021-10-27 21:50:28
BIT-php-2021-21703
2024-03-06 11:05:23
fedora
fedora
[SECURITY] Fedora 34 Update: php-7.4.25-1.fc34
2021-10-28 19:32:00
[SECURITY] Fedora 33 Update: php-7.4.25-1.fc33
2021-10-28 19:31:32
[SECURITY] Fedora 35 Update: php-8.0.12-2.fc35
2021-11-03 01:12:32
debiancve
debiancve
CVE-2021-21703
2021-10-25 06:15:06
alpinelinux
alpinelinux
CVE-2021-21703
2021-10-25 06:15:06
ubuntu
ubuntu
PHP vulnerability
2021-10-27 00:00:00
f5
f5
K17839423 : PHP vulnerability CVE-2021-21703
2021-11-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.1 version 8.0.12-alt1
2021-10-28 00:00:00
Security fix for the ALT Linux 10 package php8.0 version 8.0.12-alt1
2021-11-02 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.0.12-alt1
2021-10-28 00:00:00
cve
cve
CVE-2021-21703
2021-10-25 06:15:06
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2021-21703 affecting package php 7.4.14-3
2024-07-05 21:08:40
veracode
veracode
Privilege Escalation
2021-10-22 03:13:17
prion
prion
Code injection
2021-10-25 06:15:00
nvd
nvd
CVE-2021-21703
2021-10-25 06:15:06
redhatcve
redhatcve
CVE-2021-21703
2021-10-21 21:02:35
mageia
mageia
Updated php packages fix security vulnerability
2021-10-31 14:12:48
ubuntucve
ubuntucve
CVE-2021-21703
2021-10-21 00:00:00
redhat
redhat
(RHSA-2022:1935) Moderate: php:7.4 security update
2022-05-10 06:39:36
(RHSA-2022:5491) Important: rh-php73-php security and bug fix update
2022-07-04 07:07:16
rocky
rocky
php:7.4 security update
2022-05-10 06:39:36
suse
suse
Recommended update for php7 (moderate)
2021-12-10 00:00:00
Recommended update for php7 (moderate)
2021-12-06 00:00:00
Security update for php8 (important)
2022-10-19 00:00:00
oraclelinux
oraclelinux
php:7.4 security update
2022-05-17 00:00:00
almalinux
almalinux
Moderate: php:7.4 security update
2022-05-10 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-21704, CVE-2021-21703, CVE-2021-21705
2021-11-23 13:13:13
Fix of CVE: CVE-2021-21705, CVE-2021-21704, CVE-2021-21703
2021-11-10 18:27:35
ibm
ibm
gentoo
gentoo
PHP: Multiple Vulnerabilities
2022-09-29 00:00:00
redos
redos
ROS-20220826-01
2022-08-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00