zend security advisories

2 threat alerts tracking vulnerabilities and security advisories that affect zend products.

Vulnios monitors zend CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent zend security news in one place, or click into an individual alert for full detail.

Critical Vulnerability: CVE-2016-10034 — zend — zend_framework, zend-mail
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra
criticalCVE-2016-10034
Critical Vulnerability: CVE-2015-1555 — zend — zend_framework
Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows remote attackers to create valid sessions without using session validators.
criticalCVE-2015-1555

Track zend exposure across your environment

Vulnios automatically cross-references your asset inventory against new zend CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.

Start a free scan

zend security advisories

Critical Vulnerability: CVE-2016-10034 — zend — zend_framework, zend-mail

Critical Vulnerability: CVE-2015-1555 — zend — zend_framework

Track zend exposure across your environment