Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-3369-1
HistoryOct 06, 2015 - 12:00 a.m.

zendframework - security update

2015-10-0600:00:00
Google
osv.dev
9

EPSS

0

Percentile

5.1%

JSON

Multiple vulnerabilities were discovered in Zend Framework, a PHP
framework:

  • CVE-2015-5723
    It was discovered that due to incorrect permissions masks when
    creating directories, local attackers could potentially execute
    arbitrary code or escalate privileges.
  • ZF2015-08 (no CVE assigned)

Chris Kings-Lynne discovered an SQL injection vector caused by
missing null byte filtering in the MS SQL PDO backend, and a similar
issue was also found in the SQLite backend.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1.11.13-1.1+deb7u4.

For the stable distribution (jessie), this problem has been fixed in
version 1.12.9+dfsg-2+deb8u4.

For the testing distribution (stretch), this problem has been fixed
in version 1.12.16+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in
version 1.12.16+dfsg-1.

We recommend that you upgrade your zendframework packages.

Related

friendsofphp 14
debian 1
fedora 16
nessus 17
openvas 14
osv 1
nvd 1
github 1
cvelist 1
ubuntucve 1
veracode 1
prion 1
securityvulns 2
cve 1
mageia 1
gitlab 1
debiancve 1
friendsofphp
friendsofphp
Security Misconfiguration Vulnerability in the AWS SDK for PHP
2015-07-24 00:41:41
Security Misconfiguration Vulnerability in the AWS SDK for PHP
2015-07-24 00:41:41
Security Misconfiguration Vulnerability in various Doctrine projects
2015-08-31 14:34:50
debian
debian
[SECURITY] [DSA 3369-1] zendframework security update
2015-10-06 21:31:39
fedora
fedora
[SECURITY] Fedora 21 Update: php-doctrine-doctrine-bundle-1.5.2-1.fc21
2015-09-14 22:22:22
[SECURITY] Fedora 24 Update: php-doctrine-orm-2.4.8-1.fc24
2016-07-20 00:28:56
[SECURITY] Fedora 22 Update: php-doctrine-doctrine-bundle-1.5.2-1.fc22
2015-09-14 23:21:38
nessus
nessus
Fedora 22 : php-doctrine-doctrine-bundle-1.5.2-1.fc22 (2015-15206)
2015-09-15 00:00:00
Fedora 23 : php-doctrine-annotations-1.2.7-1.fc23 (2015-15202)
2015-09-21 00:00:00
Fedora 23 : php-doctrine-doctrine-bundle-1.5.2-1.fc23 (2015-15205)
2015-09-21 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0391)
2015-10-15 00:00:00
Fedora Update for php-doctrine-orm FEDORA-2016-f0c8b7b115
2016-08-02 00:00:00
Fedora Update for php-doctrine-common FEDORA-2016-8dc0af2c29
2016-08-04 00:00:00
osv
osv
Doctrine Security Misconfiguration Vulnerability
2022-05-17 03:44:28
nvd
nvd
CVE-2015-5723
2016-06-07 14:06:08
github
github
Doctrine Security Misconfiguration Vulnerability
2022-05-17 03:44:28
cvelist
cvelist
CVE-2015-5723
2016-06-07 14:00:00
ubuntucve
ubuntucve
CVE-2015-5723
2016-06-07 00:00:00
veracode
veracode
Privilege Escalation And Arbitrary Code Execution
2020-09-03 10:15:09
prion
prion
Code injection
2016-06-07 14:06:00
securityvulns
securityvulns
[SECURITY] [DSA 3369-1] zendframework security update
2015-10-26 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2015-10-26 00:00:00
cve
cve
CVE-2015-5723
2016-06-07 14:06:08
mageia
mageia
Updated php-ZendFramework/php-ZendFramework2 packages fixe security vulnerabilities
2015-10-09 21:47:39
gitlab
gitlab
Security Misconfiguration Vulnerability
2016-06-07 00:00:00
debiancve
debiancve
CVE-2015-5723
2016-06-07 14:06:08

EPSS

0

Percentile

5.1%

JSON
Related for OSV:DSA-3369-1
friendsofphp14debian1fedora16nessus17openvas14osv1nvd1github1cvelist1ubuntucve1veracode1prion1securityvulns2cve1mageia1gitlab1debiancve1