Search for packages
| purl | pkg:composer/zendframework/zendframework1@1.12.19 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-rc3w-5r97-k3b3
Aliases: ZF2016-03 |
Potential SQL injection in ORDER and GROUP functions The implementation of ORDER BY and GROUP BY in `Zend_Db_Select` is prone to SQL injection when a combination of SQL expressions and comments are used. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2xx4-77e9-pfbb | Potential SQL injection The implementation of `ORDER BY` and `GROUP BY` in `Zend_Db_Select` of ZF1 is vulnerable by the following SQL injection. |
ZF2016-02
|
| VCID-bjvu-jg9w-mqdd | SQL Injection The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern `[\w]*` in a regular expression. |
CVE-2016-6233
GHSA-p9hp-3gpv-52w3 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:06:23.031998+00:00 | GitLab Importer | Affected by | VCID-rc3w-5r97-k3b3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2016-03.yml | 38.6.0 |
| 2026-06-04T17:55:19.027807+00:00 | GithubOSV Importer | Fixing | VCID-bjvu-jg9w-mqdd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p9hp-3gpv-52w3/GHSA-p9hp-3gpv-52w3.json | 38.6.0 |
| 2026-06-02T04:36:47.920352+00:00 | GitLab Importer | Fixing | VCID-bjvu-jg9w-mqdd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/CVE-2016-6233.yml | 38.6.0 |
| 2026-06-02T04:36:36.883834+00:00 | GitLab Importer | Fixing | VCID-2xx4-77e9-pfbb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2016-02.yml | 38.6.0 |