Lucene search
OpenJS FoundationFRIENDSOFPHP:ZENDFRAMEWORK:ZENDFRAMEWORK:CVE-2015-5161HistoryAug 03, 2015 - 3:13 p.m.
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-0315:13:58
OpenJS Foundation
github.com
10
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.7
Confidence
High
EPSS
0.079
Percentile
94.3%
Affected configurations
Node
zendframeworkzendframeworkRange<2.5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zendframework | zendframework | * | cpe:2.3:a:zendframework:zendframework:*:*:*:*:*:*:*:* |
Related
nessus
nessus
Debian DSA-3340-1 : zendframework - security update
2015-08-24 00:00:00
Fedora 21 : php-ZendFramework2-2.4.7-1.fc21 / php-guzzle-Guzzle-3.9.3-5.fc21 (2015-13488)
2015-08-28 00:00:00
Debian DLA-302-1 : zendframework security update
2015-08-28 00:00:00
openvas
openvas
Debian Security Advisory DSA 3340-1 (zendframework - security update)
2015-08-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0371)
2015-10-15 00:00:00
Debian: Security Advisory (DLA-302-1)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-5161
2015-08-25 00:00:00
CVE-2015-8866
2016-05-22 00:00:00
packetstorm
packetstorm
Zend Framework 2.4.2 / 1.12.13 XXE Injection
2015-08-13 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3340-1] zendframework security update
2015-08-24 00:00:00
friendsofphp
friendsofphp
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-03 15:13:58
XXE/XEE vector when using ZendXml on multibyte payloads
2015-08-03 15:13:58
fedora
fedora
[SECURITY] Fedora 22 Update: php-ZendFramework2-2.4.7-1.fc22
2015-08-27 18:33:26
[SECURITY] Fedora 22 Update: php-guzzle-Guzzle-3.9.3-5.fc22
2015-08-27 18:33:26
[SECURITY] Fedora 21 Update: php-ZendFramework2-2.4.7-1.fc21
2015-08-27 23:52:14
debian
debian
[SECURITY] [DSA 3340-1] zendframework security update
2015-08-19 21:43:10
[SECURITY] [DLA 302-1] zendframework security update
2015-08-27 17:38:42
[SECURITY] [DLA 499-1] php5 security update
2016-05-31 20:07:56
veracode
veracode
XML External Entity (XXE) And XML Entity Expansion (XEE)
2017-07-26 23:17:17
osv
osv
zendframework - security update
2015-08-27 00:00:00
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
2022-05-17 03:16:37
php5 - security update
2016-05-31 00:00:00
mageia
mageia
Updated php-ZendFramework packages fix CVE-2015-5161
2015-09-15 17:55:06
Updated php-ZendFramework packages fix CVE-2015-5161
2015-09-15 17:55:06
cvelist
cvelist
CVE-2015-5161
2015-08-25 17:00:00
CVE-2015-8866
2016-05-22 01:00:00
github
github
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
2022-05-17 03:16:37
zdt
zdt
Zend Framework 2.4.2 / 1.12.13 XXE Injection Vulnerability
2015-08-13 00:00:00
exploitpack
exploitpack
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
2015-08-13 00:00:00
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
2015-10-30 00:00:00
cve
cve
CVE-2015-5161
2015-08-25 17:59:03
CVE-2015-8866
2016-05-22 01:59:05
nvd
nvd
CVE-2015-5161
2015-08-25 17:59:03
CVE-2015-8866
2016-05-22 01:59:05
exploitdb
exploitdb
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
2015-08-13 00:00:00
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
2015-10-30 00:00:00
f5
f5
K80922332 : PHP vulnerability CVE-2015-8866
2020-10-02 00:00:00
suse
suse
Security update for php53 (important)
2016-06-21 13:08:17
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.7
Confidence
High
EPSS
0.079
Percentile
94.3%
Related for FRIENDSOFPHP:ZENDFRAMEWORK:ZENDFRAMEWORK:CVE-2015-5161