Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-5161

Опубликовано: 25 авг. 2015
Источник: ubuntu
Приоритет: medium
CVSS2: 6.8

Описание

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

РелизСтатусПримечание
devel

not-affected

1.0.1-1
esm-infra-legacy/trusty

DNE

precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

vivid

ignored

end of life
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

DNE

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2015-5161

nvd
больше 10 лет назад

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

debian логотип

CVE-2015-5161

debian
больше 10 лет назад

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework ...

github логотип

GHSA-xp8p-9rq5-4wgv

github
больше 3 лет назад

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities

suse-cvrf логотип

SUSE-SU-2016:1638-1

suse-cvrf
больше 9 лет назад

Security update for php53

6.8 Medium

CVSS2