Laminas Project laminas-http - Remote Code Execution

Laminas Project laminas-http 2.14.2 and Zend Framework 3.0.0 contain a deserialization vulnerability caused by destruct method in Zend\Http\Response\Stream, letting attackers control content lead to remote code execution, exploit requires attacker-controlled serialized data. id: CVE-2021-3007...

Exploit for Deserialization of Untrusted Data in Getlaminas Laminas-Http

CVE-2021-3007 Vulnerable Test Environment !Dockerhttps://...

Remote code execution in zendframework and laminas-http

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

GHSA-XX8F-QF9F-5FGW Remote code execution in zendframework and laminas-http

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

VulnCheck KEV: CVE-2021-3007

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

PT-2021-18593 · Zend +1 · Zend Framework +1

Name of the Vulnerable Software and Affected Versions: Laminas Project laminas-http versions prior to 2.14.2 Zend Framework version 3.0.0 Description: The issue is related to a deserialization vulnerability that can lead to remote code execution if the content is controllable. This is due to the...

Laminas Project laminas-http and Zend Framework Code Issues Vulnerabilities

ZEND Zend Framework is an open source PHP development framework from ZEND Corporation, which is mainly used for developing web programs and services.Laminas Project laminas-http is an HTTP message and header abstraction and HTTP client implementation of the Laminas Project. A code issue...