GHSA-qg7m-mwxm-j3h7

Опубликовано: 07 июн. 2024

Источник: github

Github: Прошло ревью

CVSS3: 5.3

Описание

Zend-developer-tools information disclosure vulnerability

The package zendframework/zend-developer-tools provides a web-based toolbar for introspecting an application. When updating the package to support PHP 7.3, a change was made that could potentially prevent toolbar entries that are enabled by default from being disabled.

Ссылки

https://github.com/zendframework/zend-developer-tools/commit/ce27f4624cf947bea2d746244b1ed6de10e22f1f
https://framework.zend.com/security/advisory/ZF2019-01
https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zend-developer-tools/ZF2019-01.yaml

Пакеты

Наименование

zendframework/zend-developer-tools

composer

Затронутые версииВерсия исправления

>= 1.2.2, < 1.2.3

1.2.3

5.3 Medium

CVSS3

Дефекты

CWE-200

5.3 Medium

CVSS3

Дефекты

CWE-200