VulnerableCode Package Details - pkg:composer/zendframework/zendframework1@1.7.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/zendframework/zendframework1@1.7.0

Essentials
History (6)

purl	pkg:composer/zendframework/zendframework1@1.7.0

Next non-vulnerable version	1.11.12
Latest non-vulnerable version	1.12.20
Risk

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-24xb-s5fu-xuc2 Aliases: ZF2010-05	Cross-site Scripting Potential XSS vector in `Zend_Service_ReCaptcha_MailHide`.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-46j8-n7cg-3feu Aliases: ZF2009-02	Cross-site Scripting XSS vector in `Zend_Filter_StripTags`.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-6j4n-cucb-5fdy Aliases: ZF2010-02	Cross-site Scripting Potential XSS vector in `Zend_Dojo_View_Helper_Editor`.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-cp8b-e8wm-kfb3 Aliases: ZF2010-06	Cross-Site Scripting Potential Security Issues in Bundled Dojo Library.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e2nf-wm5h-fqav Aliases: ZF2009-01	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') File Inclusion vector in `Zend_View::setScriptPath()` and `render()`.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e98a-dehh-ybbe Aliases: ZF2010-03	Cross-site Scripting Potential XSS vector in `Zend_Filter_StripTags` when comments allowed.	1.12.0 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:36:03.390167+00:00	GitLab Importer	Affected by	VCID-e98a-dehh-ybbe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2010-03.yml	38.6.0
2026-06-02T04:36:03.360912+00:00	GitLab Importer	Affected by	VCID-6j4n-cucb-5fdy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2010-02.yml	38.6.0
2026-06-02T04:36:03.332279+00:00	GitLab Importer	Affected by	VCID-cp8b-e8wm-kfb3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2010-06.yml	38.6.0
2026-06-02T04:36:03.300349+00:00	GitLab Importer	Affected by	VCID-24xb-s5fu-xuc2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2010-05.yml	38.6.0
2026-06-02T04:36:02.967675+00:00	GitLab Importer	Affected by	VCID-46j8-n7cg-3feu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2009-02.yml	38.6.0
2026-06-02T04:36:02.943041+00:00	GitLab Importer	Affected by	VCID-e2nf-wm5h-fqav	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework1/ZF2009-01.yml	38.6.0