VDB

GCVE-110-MAGEIA-2015-370

GCVE-110-MAGEIA-2015-370
Advisory Published
Vulnetix · Advisory published September 15, 2015
Updated php-ZendFramework packages fix security vulnerability: Dawid Golunski discovered that when running under PHP-FPM in a threaded environment, Zend Framework, a PHP framework, did not properly handle XML data in multibyte encoding. This could be used by remote attackers to perform an XML External Entity attack via crafted XML data (CVE-2015-5161).

Affected Products

VendorProductVersionsPlatforms
Mageiaphp-ZendFramework1.12.15-1.mga4 (unaffected), 0 (affected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›