GHSA-w5mj-j45q-m638
Suggest an improvement- Source
- https://github.com/advisories/GHSA-w5mj-j45q-m638
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-w5mj-j45q-m638/GHSA-w5mj-j45q-m638.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-w5mj-j45q-m638
- Published
- 2024-06-07T21:49:55Z
- Modified
- 2024-06-07T21:49:55Z
- Summary
- ZendFramework1 Potential Security Issues in Bundled Dojo Library
- Details
-
In mid-March, 2010, the Dojo Foundation issued a Security Advisory indicating potential security issues with specific files in Dojo Toolkit. Details of the advisory may be found on the Dojo website:
http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ In particular, several files in the Dojo tree were identified as having potential exploits, and the Dojo team also advised disabling or removing any PHP scripts in the tree when deploying to production.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-06-07T21:49:55Z" }- References
-
- https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/ZF2010-07.yaml
- https://github.com/zendframework/zf1
- https://web.archive.org/web/20210509072723/https://framework.zend.com/security/advisory/ZF2010-07
- http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory
Affected packages
Packagist / zendframework/zendframework1
Package
- Name
- zendframework/zendframework1
- Purl
- pkg:composer/zendframework/zendframework1
Packagist / zendframework/zendframework1
Package
- Name
- zendframework/zendframework1
- Purl
- pkg:composer/zendframework/zendframework1