GHSA-w5mj-j45q-m638

Опубликовано: 07 июн. 2024

Источник: github

Github: Прошло ревью

Описание

ZendFramework1 Potential Security Issues in Bundled Dojo Library

In mid-March, 2010, the Dojo Foundation issued a Security Advisory indicating potential security issues with specific files in Dojo Toolkit. Details of the advisory may be found on the Dojo website:

http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ In particular, several files in the Dojo tree were identified as having potential exploits, and the Dojo team also advised disabling or removing any PHP scripts in the tree when deploying to production.

Ссылки

https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/ZF2010-07.yaml
https://web.archive.org/web/20210509072723/https://framework.zend.com/security/advisory/ZF2010-07
http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory

Пакеты

Наименование

zendframework/zendframework1

composer

Затронутые версииВерсия исправления

>= 1.9.0, < 1.9.8

1.9.8

Наименование

zendframework/zendframework1

composer

Затронутые версииВерсия исправления

>= 1.10.0, < 1.10.3

1.10.3