VulnerableCode Package Details - pkg:composer/openid/php-openid@2.3.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/openid/php-openid@2.3.0

Essentials
History (3)

purl	pkg:composer/openid/php-openid@2.3.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-7ngg-6yuz-jkge	Improper Restriction of XML External Entity Reference `Auth/Yadis/XML.php` in PHP OpenID allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	CVE-2013-4701 GHSA-5qp6-78pr-gv8c

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-04T14:31:32.570460+00:00	GHSA Importer	Fixing	VCID-7ngg-6yuz-jkge	https://github.com/advisories/GHSA-5qp6-78pr-gv8c	38.1.0
2026-04-01T13:10:57.962273+00:00	GithubOSV Importer	Fixing	VCID-7ngg-6yuz-jkge	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5qp6-78pr-gv8c/GHSA-5qp6-78pr-gv8c.json	38.0.0
2026-04-01T12:46:50.105270+00:00	GitLab Importer	Fixing	VCID-7ngg-6yuz-jkge	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/openid/php-openid/CVE-2013-4701.yml	38.0.0