Lucene search
F5F5:K80922332HistoryOct 02, 2020 - 12:00 a.m.
K80922332 : PHP vulnerability CVE-2015-8866
2020-10-0200:00:00
my.f5.com
27
Security Advisory Description
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161. (CVE-2015-8866)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
ubuntucve
ubuntucve
CVE-2015-8866
2016-05-22 00:00:00
CVE-2015-5161
2015-08-25 00:00:00
cvelist
cvelist
CVE-2015-8866
2016-05-22 01:00:00
CVE-2015-5161
2015-08-25 17:00:00
nvd
nvd
CVE-2015-8866
2016-05-22 01:59:05
CVE-2015-5161
2015-08-25 17:59:03
cve
cve
CVE-2015-8866
2016-05-22 01:59:05
CVE-2015-5161
2015-08-25 17:59:03
nessus
nessus
Debian DSA-3340-1 : zendframework - security update
2015-08-24 00:00:00
Debian DLA-302-1 : zendframework security update
2015-08-28 00:00:00
packetstorm
packetstorm
Zend Framework 2.4.2 / 1.12.13 XXE Injection
2015-08-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0371)
2015-10-15 00:00:00
Debian Security Advisory DSA 3340-1 (zendframework - security update)
2015-08-19 00:00:00
Debian: Security Advisory (DLA-302-1)
2023-03-08 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3340-1] zendframework security update
2015-08-24 00:00:00
friendsofphp
friendsofphp
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-03 15:13:58
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-03 15:13:58
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-03 15:13:58
fedora
fedora
[SECURITY] Fedora 22 Update: php-ZendFramework2-2.4.7-1.fc22
2015-08-27 18:33:26
[SECURITY] Fedora 22 Update: php-guzzle-Guzzle-3.9.3-5.fc22
2015-08-27 18:33:26
[SECURITY] Fedora 21 Update: php-ZendFramework2-2.4.7-1.fc21
2015-08-27 23:52:14
veracode
veracode
XML External Entity (XXE) And XML Entity Expansion (XEE)
2017-07-26 23:17:17
Null Pointer Dereference
2019-05-02 06:02:24
Insecure Pseudo Random Number Generator
2019-05-02 06:02:16
debian
debian
[SECURITY] [DSA 3340-1] zendframework security update
2015-08-19 21:43:10
[SECURITY] [DLA 302-1] zendframework security update
2015-08-27 17:38:42
[SECURITY] [DLA 499-1] php5 security update
2016-05-31 20:07:56
osv
osv
zendframework - security update
2015-08-27 00:00:00
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
2022-05-17 03:16:37
php5 - security update
2016-05-31 00:00:00
mageia
mageia
Updated php-ZendFramework packages fix CVE-2015-5161
2015-09-15 17:55:06
Updated php-ZendFramework packages fix CVE-2015-5161
2015-09-15 17:55:06
github
github
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
2022-05-17 03:16:37
exploitpack
exploitpack
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
2015-08-13 00:00:00
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
2015-10-30 00:00:00
zdt
zdt
Zend Framework 2.4.2 / 1.12.13 XXE Injection Vulnerability
2015-08-13 00:00:00
exploitdb
exploitdb
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
2015-08-13 00:00:00
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
2015-10-30 00:00:00
suse
suse
Security update for php5 (important)
2016-05-11 18:07:54
Security update for php5 (important)
2016-05-20 15:09:02
Security update for php5 (important)
2016-05-11 14:07:47
ibm
ibm
redhat
redhat