logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-21706

Description

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions. #### Notes Author| Note ---|--- [seth-arnold](<https://launchpad.net/~seth-arnold>) | Affects Windows


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream php5 any
ubuntu upstream php7.0 any
ubuntu upstream php7.2 any
ubuntu upstream php7.4 any
ubuntu upstream php8.0 any
ubuntu upstream php8.1 any

Related