GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
4,081 advisories
Filter by severity
Zend-JSON vulnerable to XXE/XEE attacks
Critical
GHSA-8x2v-pcg7-94f4
was published
for
zendframework/zend-json
(Composer)
Jun 7, 2024
Zendframework Local file disclosure via XXE injection in Zend_XmlRpc
High
GHSA-229x-22xc-2f2w
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Zendframework Denial of Service vector via XEE injection
High
GHSA-2jx7-xg83-j2m7
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags`
Moderate
GHSA-gwpm-pm6x-h7rj
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Duplicate Advisory: aimeos-core arbitrary file upload vulnerability
High
CVE-2024-36811
was published
for
aimeos/aimeos-core
(Composer)
Jun 7, 2024
•
withdrawn
Zend-Session session validation vulnerability
Moderate
GHSA-96c6-m98x-hxjx
was published
for
zendframework/zend-session
(Composer)
Jun 7, 2024
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script
Moderate
GHSA-g52p-86j5-xr8q
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Zend-Mail remote code execution in zend-mail via Sendmail adapter
High
GHSA-cxf7-m5g2-v594
was published
for
zendframework/zend-mail
(Composer)
Jun 7, 2024
ZendFramework potential XML eXternal Entity injection vectors
Critical
GHSA-mhpx-3rv8-wrjm
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential XML eXternal Entity injection vectors
High
GHSA-4j9x-g4x8-vcmf
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings
Moderate
GHSA-hg35-vqp3-fv39
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential SQL Injection Vector When Using PDO_MySql
Critical
GHSA-qf36-fx9f-232x
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor`
Moderate
GHSA-j543-vg33-g6vj
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework vulnerable to XXE/XEE attacks
Critical
GHSA-f4fj-q6m4-cc52
was published
for
zendframework/zend-xmlrpc
(Composer)
Jun 7, 2024
ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()`
High
GHSA-hx3m-959f-v849
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework has potential Cross-site Scripting vector in multiple view helpers
Moderate
GHSA-m7hr-j867-3f34
was published
for
zendframework/zend-view
(Composer)
Jun 7, 2024
Zendframework URL Rewrite vulnerability
Moderate
GHSA-fh7r-58q4-6387
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework vulnerable to Cross-site Scripting
Moderate
GHSA-5gmf-3c43-q73v
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework potential remote code execution in zend-mail via Sendmail adapter
Moderate
GHSA-gff2-p6vm-3p8g
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework Potential Proxy Injection Vulnerabilities
Moderate
GHSA-mg7h-9qfx-4r83
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework Information Disclosure and Insufficient Entropy vulnerability
Moderate
GHSA-2fhr-8r8r-qp56
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations
High
GHSA-x2f4-8wxf-w3vf
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
Zendframework vulnerable to XXE/XEE attacks
Critical
GHSA-qc7w-4567-84wv
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities
High
GHSA-xg9w-r469-m455
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
Zendframework session validation vulnerability
Moderate
GHSA-62f6-h68r-3jpw
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
ProTip!
Advisories are also available from the
GraphQL API