How severe is CVE-2021-21704?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2021-21704?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2021-21704

MEDIUM Year: 2021

CVSS v3 Score

5.9

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-125

View all →

Vulnerability Description

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.

CVE-2014-2031

MEDIUM

CVSS:5.9(Medium)

Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging ...

CWE-1252014

CVE-2015-8984

MEDIUM

CVSS:5.9(Medium)

The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which trigg...

CWE-1252015

CVE-2016-1249

MEDIUM

CVSS:5.9(Medium)

The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned nu...

CWE-1252016

CVE-2016-2366

MEDIUM

CVSS:5.9(Medium)

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious ...

CWE-1252016

CVE-2016-2367

MEDIUM

CVSS:5.9(Medium)

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, ...

CWE-1252016

CVE-2016-2370

MEDIUM

CVSS:5.9(Medium)

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious...

CWE-1252016

CVE-2021-21704

Vulnerability Description

Related Vulnerabilities

CVE-2014-2031

CVE-2015-8984

CVE-2016-1249

CVE-2016-2366

CVE-2016-2367

CVE-2016-2370