OSV-2021-455

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/php/OSV-2021-455.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-455
Published
2021-02-28T00:01:13.121524Z
Modified
2022-04-13T03:04:33.633980Z
Summary
Heap-use-after-free in zend_hash_iterator_pos_ex
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31423

Crash type: Heap-use-after-free READ 1
Crash state:
zend_hash_iterator_pos_ex
ZEND_FE_FETCH_RW_SPEC_VAR_HANDLER
fuzzer_execute_ex
References

Affected packages

OSS-Fuzz / php

Package

Name
php
Purl
pkg:generic/php

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src.git
Events
Introduced
1902f730ee2bda60552f34c0643e2d7b47e4fb64
Fixed
5875bf754ed4fc64a6f0b7d62734d2a816c51017

Affected versions

php-8.*
php-8.0.0
php-8.0.0RC2
php-8.0.0RC3
php-8.0.0RC4
php-8.0.0RC5
php-8.0.0beta3
php-8.0.0beta4
php-8.0.0rc1
php-8.0.1
php-8.0.1RC1
php-8.0.2
php-8.0.2RC1
php-8.0.3
php-8.0.3RC1

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/php/OSV-2021-455.yaml"