Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-e8sg-z3kf-zqet
Vulnerability ID VCID-e8sg-z3kf-zqet
Aliases GHSA-3x57-m5p4-rgh4
Summary ZendOpenID potential security issue in login mechanism Using the Consumer component of ZendOpenId (or Zend_OpenId in ZF1), it is possible to login using an arbitrary OpenID account (without knowing any secret information) by using a malicious OpenID Provider. That means OpenID it is possible to login using arbitrary OpenID Identity (MyOpenID, Google, etc), which are not under the control of our own OpenID Provider. Thus, we are able to impersonate any OpenID Identity against the framework. Moreover, the Consumer accepts OpenID tokens with arbitrary signed elements. The framework does not check if, for example, both openid.claimed_id and openid.endpoint_url are signed. It is just sufficient to sign one parameter. According to https://openid.net/specs/openid-authentication-2_0.html#positive_assertions, at least op_endpoint, return_to, response_nonce, assoc_handle, and, if present in the response, claimed_id and identity, must be signed.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-287 Improper Authentication
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3.1 7.5 https://framework.zend.com/security/advisory/ZF2014-02
generic_textual HIGH https://framework.zend.com/security/advisory/ZF2014-02
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-3x57-m5p4-rgh4
cvssv3.1 7.5 https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendopenid/ZF2014-02.yaml
generic_textual HIGH https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendopenid/ZF2014-02.yaml
cvssv3.1 7.5 https://github.com/zendframework/ZendOpenId
generic_textual HIGH https://github.com/zendframework/ZendOpenId
cvssv3.1 7.5 https://github.com/zendframework/ZendOpenId/commit/16648e1b2acf760d0c67a8c1dd913fed0c0f61f7
generic_textual HIGH https://github.com/zendframework/ZendOpenId/commit/16648e1b2acf760d0c67a8c1dd913fed0c0f61f7
cvssv3.1 7.5 https://github.com/zendframework/ZendOpenId/commit/709789c1ca290771730133db4d8b8de2972b36ce
generic_textual HIGH https://github.com/zendframework/ZendOpenId/commit/709789c1ca290771730133db4d8b8de2972b36ce
Reference id Reference type URL
https://framework.zend.com/security/advisory/ZF2014-02
https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendopenid/ZF2014-02.yaml
https://github.com/zendframework/ZendOpenId
https://github.com/zendframework/ZendOpenId/commit/16648e1b2acf760d0c67a8c1dd913fed0c0f61f7
https://github.com/zendframework/ZendOpenId/commit/709789c1ca290771730133db4d8b8de2972b36ce
GHSA-3x57-m5p4-rgh4 https://github.com/advisories/GHSA-3x57-m5p4-rgh4
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://framework.zend.com/security/advisory/ZF2014-02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendopenid/ZF2014-02.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/zendframework/ZendOpenId
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/zendframework/ZendOpenId/commit/16648e1b2acf760d0c67a8c1dd913fed0c0f61f7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/zendframework/ZendOpenId/commit/709789c1ca290771730133db4d8b8de2972b36ce
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-04T16:21:55.439347+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendopenid/GHSA-3x57-m5p4-rgh4.yml 38.6.0