zendframework/zendframework Security Advisories for 2.5.0 (2)
-
[CRITICAL] Remote code execution in zendframework and laminas-http
PKSA-9gb9-jn3z-tytw CVE-2021-3007 GHSA-xx8f-qf9f-5fgw
Affected version: <=3.0.0
Reported by:
GitHub -
[MEDIUM] XXE/XEE vector when using ZendXml on multibyte payloads
PKSA-zb12-j4m8-9hsy CVE-2015-5161 GHSA-xp8p-9rq5-4wgv
Affected version: >=2.0.0,<2.0.99|>=2.1.0,<2.1.99|>=2.2.0,<2.2.99|>=2.3.0,<2.3.8|>=2.4.0,<2.4.6|>=2.5.0,<2.5.1
Reported by:
GitHub, FriendsOfPHP/security-advisories