Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Security Advisories for zendframework/zendframework Clear Filters

Moderate
about 1 year ago

Zendframework URL Rewrite vulnerability GSA_kwCzR0hTQS1maDdyLTU4cTQtNjM4N84AA8zn

packagist zendframework/zendframework
Moderate
about 1 year ago

ZendFramework vulnerable to Cross-site Scripting GSA_kwCzR0hTQS01Z21mLTNjNDMtcTczds4AA8zm

packagist zendframework/zendframework
Moderate
about 1 year ago

ZendFramework potential remote code execution in zend-mail via Sendmail adapter GSA_kwCzR0hTQS1nZmYyLXA2dm0tM3A4Z84AA8zl

packagist zendframework/zendframework
Moderate
about 1 year ago

ZendFramework Potential Proxy Injection Vulnerabilities GSA_kwCzR0hTQS1tZzdoLTlxZngtNHI4M84AA8zk

packagist zendframework/zendframework
Moderate
about 1 year ago

ZendFramework Information Disclosure and Insufficient Entropy vulnerability GSA_kwCzR0hTQS0yZmhyLThyOHItcXA1Ns4AA8zj

packagist zendframework/zendframework
High
about 1 year ago

ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations GSA_kwCzR0hTQS14MmY0LTh3eGYtdzN2Zs4AA8zi

packagist zendframework/zendframework
Critical
about 1 year ago

Zendframework vulnerable to XXE/XEE attacks GSA_kwCzR0hTQS1xYzd3LTQ1NjctODR3ds4AA8zh

packagist zendframework/zendframework
High
about 1 year ago

ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities GSA_kwCzR0hTQS14Zzl3LXI0NjktbTQ1Nc4AA8zg

packagist zendframework/zendframework
Moderate
about 1 year ago

Zendframework session validation vulnerability GSA_kwCzR0hTQS02MmY2LWg2OHItM2pwd84AA8zf

packagist zendframework/zendframework
High
about 1 year ago

ZendFramework Route Parameter Injection Via Query String in `Zend\Mvc` GSA_kwCzR0hTQS1qcTg3LTJ3eHAtODM0Oc4AA8ze

packagist zendframework/zendframework
Moderate
about 1 year ago

Zendframework has potential Cross-site Scripting vector in multiple view helpers GSA_kwCzR0hTQS04cTc3LWN2NjItamozOM4AA8zd

packagist zendframework/zendframework
High
about 1 year ago

Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress` GSA_kwCzR0hTQS14ZmZwLTZ3NjgtNDc3Nc4AA8zc

packagist zendframework/zendframework
Critical
over 1 year ago

Zend Framework SQL injection vulnerability GSA_kwCzR0hTQS1xaDl3LXI3ZzUtcTkzOc4AA7QZ

packagist zendframework/zendframework, zendframework/zend-db, zendframework/zendframework1
Moderate
over 3 years ago

Zenario CMS vulnerable to CRLF injection GSA_kwCzR0hTQS01OTU3LTVjcngtNzlqeM4AAjaE

packagist zendframework/zend-http, zendframework/zendframework1, zendframework/zendframework
Critical
over 3 years ago

Zend Framework Allows SQL Injection GSA_kwCzR0hTQS12NTlwLXA2OTItdjM4Ms4AAig9

packagist zendframework/zend-db, zendframework/zendframework
High
over 3 years ago

Doctrine Security Misconfiguration Vulnerability GSA_kwCzR0hTQS1wdzVjLXhxZjItNnhjMs4AAdEh

packagist zfcampus/zf-apigility-doctrine, zendframework/zendframework, zendframework/zend-cache, doctrine/cache, aws/aws-sdk-php, zendframework/zendframework1, doctrine/mongodb-odm-bundle, doctrine/mongodb-odm, doctrine/orm, doctrine/common, doctrine/annotations
Moderate
over 3 years ago

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities GSA_kwCzR0hTQS14cDhwLTlycTUtNHdnds4AAcYZ

packagist zendframework/zendframework, zendframework/zendxml, zendframework/zendframework1
High
over 3 years ago

Zend Framework CSRF Vulnerability GSA_kwCzR0hTQS1nd3dxLTU0cXAtOXBncM4AAbgi

packagist zendframework/zendframework
Moderate
over 3 years ago

Zend Access Restriction Bypass GSA_kwCzR0hTQS1mNnJjLXJoNDMtaDhncs4AAYTG

packagist zendframework/zendframework1, zendframework/zendframework
High
over 3 years ago

Zend Framework Information Disclosure GSA_kwCzR0hTQS1wbTltLXcyM3EtNTk2N84AAYQH

packagist zendframework/zendframework, zendframework/zend-crypt
Critical
over 3 years ago

Zend Framework Allows SQL Injection GSA_kwCzR0hTQS1wOWhwLTNncHYtNTJ3M84AAVUb

packagist zendframework/zendframework1, zendframework/zendframework
Critical
over 3 years ago

Zend Framework Allows SQL Injection GSA_kwCzR0hTQS14ZmpxLXczY3ctaDVmcc4AAVUw

packagist zendframework/zendframework
Critical
about 4 years ago

Remote code execution in zendframework and laminas-http MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4OGYtcWY5Zi01Zmd3

packagist laminas/laminas-http, zendframework/zendframework

Filter by Severity

Moderate 10,305 High 8,138 Critical 3,344 Low 1,485

Filter by Ecosystem

maven 6,823 packagist 5,402 pypi 4,916 npm 4,270 go 2,910 nuget 1,870 cargo 1,082 rubygems 929 actions 37 hex 37 swift 36 pub 10

Filter by Package

tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 moodle/moodle 418 magento/community-edition 301 Microsoft.ChakraCore 247 org.jenkins-ci.main:jenkins-core 239 typo3/cms 190 com.liferay.portal:release.portal.bom 139 org.apache.tomcat:tomcat 136 github.com/mattermost/mattermost/server/v8 124 com.liferay.portal:release.dxp.bom 123 pimcore/pimcore 120 dolibarr/dolibarr 116 typo3/cms-core 111 Django 107 phpmyadmin/phpmyadmin 107 microweber/microweber 103 drupal/core 103 magento/project-community-edition 101 silverstripe/framework 92 apache-airflow 85 drupal/drupal 83 librenms/librenms 83 thorsten/phpmyfaq 73 Plone 72 com.fasterxml.jackson.core:jackson-databind 69 symfony/symfony 69 concrete5/concrete5 67 github.com/usememos/memos 66 salt 65 ansible 63 actionpack 61 apache-superset 61 shopware/platform 58 org.apache.struts:struts2-core 57 github.com/grafana/grafana 56 mlflow 53 craftcms/cms 53 org.keycloak:keycloak-core 50 github.com/hashicorp/vault 49 nova 48 org.apache.tomcat.embed:tomcat-embed-core 48 mautic/core 48 baserproject/basercms 47 django 46 nokogiri 46 github.com/mattermost/mattermost-server/v6 45 github.com/rancher/rancher 45 shopware/core 45 vyper 44 gradio 44 org.xwiki.platform:xwiki-platform-oldcore 43 k8s.io/kubernetes 42 rdiffweb 42 org.keycloak:keycloak-services 42 nilsteampassnet/teampass 42 matrix-synapse 42 mantisbt/mantisbt 41 showdoc/showdoc 41 plone 41 org.elasticsearch:elasticsearch 41 froxlor/froxlor 40 intelliants/subrion 39 directus 39 github.com/mattermost/mattermost-server 38 com.thoughtworks.xstream:xstream 37 snipe/snipe-it 36 picklescan 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 36 moin 35 io.undertow:undertow-core 35 org.jenkins-ci.plugins:script-security 34 zendframework/zendframework1 34 github.com/answerdev/answer 34 parse-server 33 gogs.io/gogs 33 github.com/argoproj/argo-cd/v2 32 keystone 32 opencv-contrib-python 31 github.com/docker/docker 31 github.com/cilium/cilium 31 github.com/argoproj/argo-cd 31 opencv-python 31 github.com/hashicorp/nomad 31 getgrav/grav 30 shopware/shopware 30 contao/core-bundle 29 Pillow 29 github.com/hashicorp/consul 29 next 29 rack 29 electron 29 mediawiki/core 28 pillow 28 org.apache.solr:solr-core 28 centreon/centreon 27 org.opencms:opencms-core 27 prestashop/prestashop 27 org.springframework.security:spring-security-core 26 openssl-src 26 rubygems-update 25 open-webui 25 github.com/traefik/traefik/v2 25 vllm 25 pocketmine/pocketmine-mp 25 org.eclipse.jetty:jetty-server 25 org.keycloak:keycloak-parent 24 magento/core 24 surrealdb 24 getkirby/cms 24 zendframework/zendframework 23 grumpydictator/firefly-iii 23 simplesamlphp/simplesamlphp 23 puppet 23 pyload-ng 23 org.bouncycastle:bcprov-jdk14 23 remdex/livehelperchat 23 laravel/framework 23 org.apache.tomcat:tomcat-catalina 23 phpoffice/phpexcel 23 activerecord 22 ckb 22 tribalsystems/zenario 22 @openzeppelin/contracts-upgradeable 22 Microsoft.AspNetCore.App.Runtime.win-x86 22 org.apache.openmeetings:openmeetings-parent 22 phpoffice/phpspreadsheet 22 contao/contao 22 DotNetNuke.Core 22 Microsoft.AspNetCore.App.Runtime.win-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm 21 glance 21 @openzeppelin/contracts 21 github.com/goharbor/harbor 21 helm.sh/helm/v3 21 org.apache.nifi:nifi 21 github.com/ethereum/go-ethereum 21 golang.org/x/net 20 code.gitea.io/gitea 20 langchain 20 org.xwiki.platform:xwiki-platform-web-templates 20 aim 20 wasmtime 20 funadmin/funadmin 20 org.cloudfoundry.identity:cloudfoundry-identity-server 20 cockpit-hq/cockpit 20 org.apache.tomcat:tomcat-coyote 20 Microsoft.AspNetCore.App.Runtime.osx-x64 19 Microsoft.AspNetCore.App.Runtime.win-arm64 19 github.com/zitadel/zitadel 19 deno 19 Microsoft.AspNetCore.App.Runtime.linux-x64 19 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 19 Microsoft.AspNetCore.App.Runtime.linux-arm64 19 neutron 19 topthink/framework 19 Microsoft.AspNetCore.App.Runtime.linux-arm 19 genix/cms 18 mindsdb 18 cobbler 18 org.apache.jspwiki:jspwiki-main 18 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 18 forkcms/forkcms 18 mercurial 18 com.vaadin:vaadin-bom 18 org.springframework:spring-core 17 org.apache.inlong:manager-pojo 17 OctoPrint 17 ezsystems/ezpublish-kernel 17 opencart/opencart 17 org.apache.geode:geode-core 17 notebook 17 openmage/magento-lts 17 calibreweb 17 github.com/traefik/traefik/v3 17 symfony/security 17 cryptography 17 cakephp/cakephp 17 flowise 17 github.com/openfga/openfga 17 typo3/cms-backend 17 francoisjacquet/rosariosis 17 yetiforce/yetiforce-crm 17 org.apache.ranger:ranger 16 paddlepaddle 16 phpbb/phpbb 16 Microsoft.NetCore.App.Runtime.win-arm64 16 org.apache.dubbo:dubbo 16 lollms 16 Microsoft.NetCore.App.Runtime.win-x86 16 rusqlite 16 PaddlePaddle 16 transformers 16 october/system 16 tinymce 16 org.bouncycastle:bcprov-jdk15 16 Microsoft.NetCore.App.Runtime.win-x64 16 Microsoft.NetCore.App.Runtime.win-arm 16

Filter by Repository

https://github.com/zendframework/zendframework 14 https://github.com/laminas/laminas-http 1 https://github.com/zendframework/zf1 1 https://github.com/aws/aws-sdk-php 1