Information on source package zendframework

Available versions

ReleaseVersion
jessie1.12.9+dfsg-2+deb8u6
jessie (security)1.12.9+dfsg-2+deb8u7

Resolved issues

BugDescription
TEMP-0000000-BD69C5ZF2015-09: Potential Information Disclosure and Insufficient Entropy vulnerability in Zend/Captcha/Word
TEMP-0000000-BD20F7ZF2010-07
TEMP-0000000-BB4B08zend framework multiple issues
TEMP-0000000-29F04AZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1
CVE-2016-6233The (1) order and (2) group methods in Zend_Db_Select in the Zend Fram ...
CVE-2016-4861The (1) order and (2) group methods in Zend_Db_Select in the Zend Fram ...
CVE-2016-10034The setFrom function in the Sendmail adapter in the zend-mail componen ...
CVE-2015-7695The PDO adapters in Zend Framework before 1.12.16 do not filer null by ...
CVE-2015-5723Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before ...
CVE-2015-5161The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework ...
CVE-2015-3154CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framewor ...
CVE-2015-1786Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf ...
CVE-2015-1555Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3. ...
CVE-2015-0270Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL ...
CVE-2014-8089SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x bef ...
CVE-2014-8088The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap compon ...
CVE-2014-4914The Zend_Db_Select::order function in Zend Framework before 1.12.7 doe ...
CVE-2014-4913ZF2014-03 has a potential cross site scripting vector in multiple view ...
CVE-2014-2685The GenericConsumer class in the Consumer component in ZendOpenId befo ...
CVE-2014-2684The GenericConsumer class in the Consumer component in ZendOpenId befo ...
CVE-2014-2683Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...
CVE-2014-2682Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...
CVE-2014-2681Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 an ...
CVE-2012-6532(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zen ...
CVE-2012-6531(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x b ...
CVE-2012-5657The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Z ...
CVE-2012-4451Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework ...
CVE-2012-3363Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.1 ...
CVE-2011-1939SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and ...

Security announcements

DSA / DLADescription
DLA-1403-1zendframework - security update
DLA-646-1zendframework - security update
DLA-326-1zendframework - security update
DSA-3369-1zendframework - security update
DSA-3369-1zendframework - security update
DLA-302-1zendframework - security update
DSA-3340-1zendframework - security update
DSA-3340-1zendframework - security update
DLA-251-2zendframework - regression update
DLA-251-1zendframework - security update
DSA-3265-2zendframework - regression update
DSA-3265-2zendframework - regression update
DSA-3265-1zendframework - security update
DSA-2602-1zendframework - XML external entity inclusion
DSA-2505-1zendframework - information disclosure

Search for package or bug name: Reporting problems