FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-31 16:42:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
d3324fdb-6bf0-11e5-bc5e-00505699053e	ZendFramework1 -- SQL injection vulnerability Zend Framework developers report: The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection. Discovery 2015-09-15 Entry 2015-10-06 Modified 2015-10-12 ZendFramework1 < 1.12.16 CVE-2015-7695 http://www.openwall.com/lists/oss-security/2015/09/30/6 http://framework.zend.com/security/advisory/ZF2015-08

VuXML ID

Description

d3324fdb-6bf0-11e5-bc5e-00505699053e

ZendFramework1 -- SQL injection vulnerability

Zend Framework developers report:

The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection.

Discovery 2015-09-15
Entry 2015-10-06
Modified 2015-10-12
ZendFramework1

< 1.12.16

CVE-2015-7695
http://www.openwall.com/lists/oss-security/2015/09/30/6
http://framework.zend.com/security/advisory/ZF2015-08