XML External Entity Vulnerability in Zend Framework by Zend Technologies
CVE-2014-2681

Currently unrated

Key Information:

Vendor

Zend

Status
Zendrest
Vendor
CVE Published:
16 November 2014

What is CVE-2014-2681?

A vulnerability in Zend Framework prior to specified versions allows remote attackers to exploit XML External Entity issues. This can lead to unauthorized reading of local files, sending malicious HTTP requests to internal networks, and potentially causing a denial of service by consuming CPU and memory resources. The issue arises from an incomplete fix of a prior vulnerability, highlighting the necessity for regular updates and security checks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://advisories.mageia.org/MGASA-2014-0151.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/66358
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.