CVE Vulnerabilities

CVE-2021-21707

Published: Nov 29, 2021 | Modified: Feb 16, 2023
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
5.3 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Ubuntu
LOW

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.

Affected Software

Name Vendor Start Version End Version
Php Php 7.3.0 (including) 7.3.33 (excluding)
Php Php 7.4.0 (including) 7.4.26 (excluding)
Php Php 8.0.0 (including) 8.0.13 (excluding)
Red Hat Enterprise Linux 8 RedHat php:7.4-8070020220707122009.afd00e68 *
Red Hat Software Collections for Red Hat Enterprise Linux 7 RedHat rh-php73-php-0:7.3.33-1.el7 *
Php5 Ubuntu esm-infra-legacy/trusty *
Php5 Ubuntu trusty *
Php5 Ubuntu trusty/esm *
Php7.0 Ubuntu esm-infra/xenial *
Php7.0 Ubuntu upstream *
Php7.0 Ubuntu xenial *
Php7.2 Ubuntu bionic *
Php7.4 Ubuntu focal *
Php7.4 Ubuntu hirsute *
Php7.4 Ubuntu upstream *
Php8.0 Ubuntu impish *
Php8.0 Ubuntu upstream *

References