Package details: pkg:composer/zendframework/zendframework@2.1.0
purl pkg:composer/zendframework/zendframework@2.1.0
Next non-vulnerable version 2.1.4
Latest non-vulnerable version 2.5.2
Risk
Vulnerabilities affecting this package (6)
Vulnerability | Summary | Fixed by
VCID-2em7-tb35-vqg8
Aliases:
ZF2013-02
Potential Information Disclosure and Insufficient Entropy vulnerabilities in `Zend\Math\Rand` and `Zend\Validate\Csrf` Components.
2.1.4
Affected by 0 other vulnerabilities.
VCID-2g8z-51nu-17hs
Aliases:
ZF2015-01
Session Fixation: Session validation vulnerability.
2.2.9
Affected by 0 other vulnerabilities.
2.3.4
Affected by 0 other vulnerabilities.
VCID-5bm4-grk6-w7hk
Aliases:
CVE-2015-3154
CRLF Injection: Potential CRLF injection attacks in mail and HTTP headers.
2.2.0
Affected by 3 other vulnerabilities.
2.3.8
Affected by 0 other vulnerabilities.
2.4.1
Affected by 0 other vulnerabilities.
VCID-de8f-p8x2-fbfr
Aliases:
ZF2013-03
SQL Injection: Potential SQL injection due to execution of platform-specific SQL containing interpolations.
2.1.4
Affected by 0 other vulnerabilities.
VCID-grk8-aj34-hqb4
Aliases:
ZF2014-01
Improper Restriction of XML External Entity Reference: Potential XXE/XEE attacks using PHP functions: `simplexml_load_*`, `DOMDocument::loadXML`, and `xml_parse`.
2.1.6
Affected by 0 other vulnerabilities.
2.2.6
Affected by 0 other vulnerabilities.
VCID-ux4f-q4es-gua5
Aliases:
ZF2013-01
Parameter Injection: Route Parameter Injection Via Query String in `Zend\Mvc`.
2.1.4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability | Summary | Aliases
This package is not known to fix vulnerabilities.