cbcvebase.
CVE-2015-5161
published 2015-08-25


Priority: P3 49 (medium)
CVSS 2.0: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploit: EXPLOIT
EPSS: 9.91% (95.0th percentile)
The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

Affected

137 ranges, showing 25

Vendor      Product                                         Version range                        Fixed in
canonical   ubuntu_linux
canonical   ubuntu_linux
canonical   ubuntu_linux
opensuse    leap
opensuse    opensuse
php         php                                             >= 5.5.0 < 5.5.22                    5.5.22
php         php                                             >= 5.6.0 < 5.6.6                     5.6.6
php         php                                             >= 7.0.0 < 7.0.27                    7.0.27
php         php                                             >= 7.1.0 < 7.1.13                    7.1.13
php         php                                             >= 7.2.0 < 7.2.1                     7.2.1
php5        php5                                            >= 0 < 5.5.9+dfsg-1ubuntu4.16        5.5.9+dfsg-1ubuntu4.16
suse        linux_enterprise_module_for_web_scripting
suse        linux_enterprise_software_development_kit
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework
zend        zend_framework

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v2.0      6.8     MEDIUM     AV:N/AC:M/Au:N/C:P/I:P/A:P
osv                       6.8     MEDIUM
vendor_redhat             6.8     MEDIUM