Lucene search
PRIOn knowledge basePRION:CVE-2021-21705HistoryOct 04, 2021 - 4:15 a.m.
Design/Logic Flaw
2021-10-0404:15:00
PRIOn knowledge base
www.prio-n.com
49
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
Related
redhatcve
redhatcve
CVE-2021-21705
2021-07-02 16:45:56
suse
suse
Security update for php7 (moderate)
2021-07-30 00:00:00
Security update for php7 (important)
2021-08-06 00:00:00
Security update for php7 (important)
2021-08-10 00:00:00
ubuntucve
ubuntucve
CVE-2021-21705
2021-07-02 00:00:00
cvelist
cvelist
CVE-2021-21705 Incorrect URL validation in FILTER_VALIDATE_URL
2021-06-28 00:00:00
osv
osv
BIT-php-2021-21705
2024-03-06 11:05:02
CVE-2021-21705
2021-10-04 04:15:08
Moderate: php:7.4 security update
2022-05-10 00:00:00
alpinelinux
alpinelinux
CVE-2021-21705
2021-10-04 04:15:08
cve
cve
CVE-2021-21705
2021-10-04 04:15:08
debiancve
debiancve
CVE-2021-21705
2021-10-04 04:15:08
veracode
veracode
SSRF Bypass
2021-07-01 17:36:07
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:2564-1)
2021-07-30 00:00:00
openSUSE: Security Advisory for php7 (openSUSE-SU-2021:2575-1)
2021-07-31 00:00:00
PHP < 7.3.29 Multiple Vulnerabilities (Jul 2021) - Linux
2021-07-01 00:00:00
nvd
nvd
CVE-2021-21705
2021-10-04 04:15:08
nessus
nessus
SUSE SLED12 / SLES12 Security Update : php72 (SUSE-SU-2021:2564-1)
2021-07-30 00:00:00
Oracle Linux 8 : php:7.4 (ELSA-2022-1935)
2022-05-18 00:00:00
Rocky Linux 8 : php:7.4 (RLSA-2022:1935)
2023-11-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-21705 affecting package php 7.4.14-3
2024-07-06 03:08:40
rocky
rocky
php:7.4 security update
2022-05-10 06:39:36
amazon
amazon
Medium: php73
2021-09-02 22:54:00
redhat
redhat
(RHSA-2022:1935) Moderate: php:7.4 security update
2022-05-10 06:39:36
debian
debian
[SECURITY] [DSA 4935-1] php7.3 security update
2021-07-05 18:27:28
[SECURITY] [DLA 2708-1] php7.0 security update
2021-07-15 13:01:58
mageia
mageia
Updated php packages fix security vulnerabilities
2021-07-10 15:56:54
Updated php packages fix security vulnerabilities
2021-07-04 05:13:55
oraclelinux
oraclelinux
php:7.4 security update
2022-05-17 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: php-7.4.21-1.fc34
2021-07-08 00:58:15
[SECURITY] Fedora 33 Update: php-7.4.21-1.fc33
2021-07-08 01:08:49
almalinux
almalinux
Moderate: php:7.4 security update
2022-05-10 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-21704, CVE-2021-21703, CVE-2021-21705
2021-11-23 13:13:13
Fix of CVE: CVE-2021-21705, CVE-2021-21704, CVE-2021-21703
2021-11-10 18:27:35
archlinux
archlinux
[ASA-202107-16] php7: multiple issues
2021-07-06 00:00:00
[ASA-202107-15] php: multiple issues
2021-07-06 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2021-07-07 00:00:00
PHP vulnerabilities
2021-07-13 00:00:00
gentoo
gentoo
PHP: Multiple Vulnerabilities
2022-09-29 00:00:00
redos
redos
ROS-20220826-01
2022-08-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00