zendframework/zendframework Security Advisories for 2.3.8 (5)
-
[CRITICAL] Remote code execution in zendframework and laminas-http
PKSA-9gb9-jn3z-tytw CVE-2021-3007 GHSA-xx8f-qf9f-5fgw
Affected version: <=3.0.0
Reported by:
GitHub -
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] Potential remote code execution in zend-mail via Sendmail adapter
PKSA-n4jn-zfz3-4hxy GHSA-xg9w-r469-m455
Affected version: >=2.0.0,<2.1.0|>=2.1.0,<2.2.0|>=2.2.0,<2.3.0|>=2.3.0,<2.4.0|>=2.4.0,<2.4.11
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] Potential Information Disclosure and Insufficient Entropy vulnerability in Zend\Captcha\Word
PKSA-5jbd-wvkt-7qnp GHSA-xffp-6w68-4775
Affected version: >=2.0.0,<2.4.9
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] Potential Information Disclosure in Zend\Crypt\PublicKey\Rsa\PublicKey
PKSA-xx58-19nw-1zf8 CVE-2015-7503 GHSA-pm9m-w23q-5967
Affected version: >=2.0.0,<2.4.9
Reported by:
GitHub, FriendsOfPHP/security-advisories