How severe is CVE-2021-21703?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2021-21703?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2021-21703

HIGH Year: 2021

CVSS v3 Score

7.0

High

CVSS v2 Score

6.9

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

CVE-2016-3319

HIGH

CVSS:7.0(High)

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "M...

CWE-2842016

CVE-2016-6179

HIGH

CVSS:7.0(High)

The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H...

CWE-2842016

CVE-2016-6180

HIGH

CVSS:7.0(High)

The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause...

CWE-2842016