DEBIAN-CVE-2015-5723

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2015-5723
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2015-5723
Upstream
Downstream
Published
2016-06-07T14:06:08.697Z
Modified
2025-11-19T01:19:02.590205Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

References

Affected packages

Debian:11
doctrine

Package

Name
doctrine
Purl
pkg:deb/debian/doctrine?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.8-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-annotations

Package

Name
php-doctrine-annotations
Purl
pkg:deb/debian/php-doctrine-annotations?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.7-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-bundle

Package

Name
php-doctrine-bundle
Purl
pkg:deb/debian/php-doctrine-bundle?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.2-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-cache

Package

Name
php-doctrine-cache
Purl
pkg:deb/debian/php-doctrine-cache?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-common

Package

Name
php-doctrine-common
Purl
pkg:deb/debian/php-doctrine-common?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.3-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
Debian:12
doctrine

Package

Name
doctrine
Purl
pkg:deb/debian/doctrine?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.8-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-annotations

Package

Name
php-doctrine-annotations
Purl
pkg:deb/debian/php-doctrine-annotations?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.7-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-cache

Package

Name
php-doctrine-cache
Purl
pkg:deb/debian/php-doctrine-cache?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-common

Package

Name
php-doctrine-common
Purl
pkg:deb/debian/php-doctrine-common?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.3-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
Debian:13
doctrine

Package

Name
doctrine
Purl
pkg:deb/debian/doctrine?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.8-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-annotations

Package

Name
php-doctrine-annotations
Purl
pkg:deb/debian/php-doctrine-annotations?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.7-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-cache

Package

Name
php-doctrine-cache
Purl
pkg:deb/debian/php-doctrine-cache?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-common

Package

Name
php-doctrine-common
Purl
pkg:deb/debian/php-doctrine-common?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.3-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
Debian:14
doctrine

Package

Name
doctrine
Purl
pkg:deb/debian/doctrine?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.8-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-annotations

Package

Name
php-doctrine-annotations
Purl
pkg:deb/debian/php-doctrine-annotations?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.7-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-cache

Package

Name
php-doctrine-cache
Purl
pkg:deb/debian/php-doctrine-cache?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"
php-doctrine-common

Package

Name
php-doctrine-common
Purl
pkg:deb/debian/php-doctrine-common?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.3-1

Ecosystem specific 

{
    "urgency": "low"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2015-5723.json"