{"id":"MGASA-2021-0519","summary":"Updated php packages fix security vulnerability","details":"Header injection via default_mimetype / default_charset\nmbstring may use pointer from some previous request\nUnexpected behavior with arrays and JIT\nSpecial character is breaking the path in xml function (CVE-2021-21707)\nXMLReader::getParserProperty may throw with a valid property\n","modified":"2026-04-16T00:09:54.731621706Z","published":"2021-11-20T19:31:06Z","upstream":["CVE-2021-21707"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0519.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29673"},{"type":"WEB","url":"https://www.php.net/ChangeLog-8.php#8.0.13"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.13-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0519.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}