CVE-2021-21708
published 2022-02-27CVE-2021-21708: In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max…
PriorityP354critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.00%
85.7th percentile
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | php7.4 | < php7.4 7.4.28-1+deb11u1 (bullseye) | php7.4 7.4.28-1+deb11u1 (bullseye) |
| msrc | cbl2_php_on_cbl_mariner_2.0 | — | — |
| paloalto | pan-os | — | — |
| php | php | >= 7.4.0 < 7.4.28 | 7.4.28 |
| php | php | >= 8.0.0 < 8.0.16 | 8.0.16 |
| php | php | >= 8.1.0 < 8.1.3 | 8.1.3 |
| php_group | php | >= 7.4.x < 7.4.28 | 7.4.28 |
| php_group | php | >= 8.0.X < 8.0.16 | 8.0.16 |
| php_group | php | >= 8.1.X < 8.1.3 | 8.1.3 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_oracle9.8HIGH
vendor_debian8.2HIGH
vendor_msrc8.2HIGH
vendor_redhat8.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Festo Didactic SE MES PC
cisa_ics·2026-01-27·CVSS 7.5
[HIGH] Festo Didactic SE MES PC
ICS Advisory
##
Festo Didactic SE MES PC
Release DateJanuary 27, 2026
Alert CodeICSA-26-027-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These are fixed in newer versions of XAMPP by updating the bundled applications. MES PCs shipped with Windows 10 include a copy of XAMPP which contains around 140 such vulnerabilities listed in this advisory. They can be fixed by replacing XAMPP with Festo Didactic's Factory Control Panel application.
The
Palo Alto
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
vendor_paloalto·2024-04-10·CVSS 9.8
CVE-2015-5739 [CRITICAL] PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution. CVE Summary CVE-2015-5739 This CVE is fixed in PAN-OS 11.0.4, and all later PAN-OS versions. CVE-2016-10228 This CVE is fixed in PAN-OS 11.1.3, and all later PAN-OS versions. CVE-2017-8923 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2017-9120 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2018-25009 This CVE is fixed in PAN-OS 10.2.8, 11.0.4, 11.1.3, and all later PAN-OS versions. CVE-2
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-02-14·CVSS 9.8
CVE-2017-18342 [CRITICAL] PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2017-18342, CVE-2017-8923, CVE-2017-9120, CVE-2019-1551, CVE-2019-16865, CVE-2019-16905, CVE-2019-19523, CVE-2019-19528, CVE-2019-19911, CVE-2020-0404, CVE-2020-0431, CVE-2020-0466, CVE-2020-10379, CVE-2020-11538, CVE-2020-11608, CVE-2020-12114, CVE-2020-12321, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13757, CVE-2020-14314, CVE-2020-14351, CVE-2020-15778, CVE-2020-1967, CVE-2020-24394, CVE-2020-24504, CVE-2020-25211, CVE-2020-25212, CVE-2020-25284, CVE-2020-25285, CVE-2020-25717, CVE-2020-26541, CVE-2020-2715
Oracle
Oracle Oracle Communications Risk Matrix: Platform (PHP) — CVE-2021-21708
vendor_oracle·2022-10-15·CVSS 9.8
CVE-2021-21708 [HIGH] Oracle Oracle Communications Risk Matrix: Platform (PHP) — CVE-2021-21708
Oracle Oracle Communications Risk Matrix: Platform (PHP) vulnerability
CVE: CVE-2021-21708
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2022 (OCT 2022)
Ubuntu
PHP vulnerability
vendor_ubuntu·2022-02-28
CVE-2021-21708 PHP vulnerability
Title: PHP vulnerability
Summary: PHP could be made to crash or run programs if it received specially crafted
input.
It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
php: Use after free due to php_filter_float() failing for ints
vendor_redhat·2022-02-17·CVSS 8.2
CVE-2021-21708 [HIGH] CWE-416 php: Use after free due to php_filter_float() failing for ints
php: Use after free due to php_filter_float() failing for ints
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
A flaw was found in PHP. The vulnerability occurs due to the malformed php_filter_float() function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault.
Package: php (Red Hat Enterprise Linux 6) - Not affected
Package: ph
Microsoft
UAF due to php_filter_float() failing
vendor_msrc·2022-02-08·CVSS 8.2
CVE-2021-21708 [HIGH] CWE-416 UAF due to php_filter_float() failing
UAF due to php_filter_float() failing
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
php: php
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/a
Debian
CVE-2021-21708: php7.4 - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, w...
vendor_debian·2021·CVSS 8.2
CVE-2021-21708 [HIGH] CVE-2021-21708: php7.4 - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, w...
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
Scope: local
bullseye: resolved (fixed in 7.4.28-1+deb11u1)
GHSA
GHSA-g9qg-rg7j-whhx: In PHP versions 7
ghsa_unreviewed·2022-02-28
CVE-2021-21708 [CRITICAL] CWE-416 GHSA-g9qg-rg7j-whhx: In PHP versions 7
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
OSV
CVE-2021-21708: In PHP versions 7
osv·2022-02-27·CVSS 9.8
CVE-2021-21708 [CRITICAL] CVE-2021-21708: In PHP versions 7
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-02-27
Published