CVE-2020-29312

Опубликовано: 04 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary code via the unserialize function. Note: This has been disputed by third parties as incomplete and incorrect. The framework does not have a version that surpasses 2.x.x and was deprecated in early 2020.

Ссылки

http://zend.com
Product
https://cowtransfer.com/s/f9684f004d7149
Broken Link
https://github.com/zendframework/zendframework
Product
http://zend.com
Product
https://cowtransfer.com/s/f9684f004d7149
Broken Link
https://github.com/zendframework/zendframework
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zend:zend_framework:*:*:*:*:*:*:*:*

Версия до 3.1.3 (включая)

EPSS

Процентиль: 85%

0.02497

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502

Связанные уязвимости

CVE-2020-29312

CVSS3: 9.8

debian

почти 3 года назад

An issue found in Zend Framework v.3.1.3 and before allow a remote att ...

GHSA-hwgg-9h9g-m6fw

CVSS3: 9.8

github

почти 3 года назад

An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary code via the unserialize function.

EPSS

Процентиль: 85%

0.02497

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-502