6 matches found
EUVD-2022-3708
Malicious code in bioql PyPI...
Zend Access Restriction Bypass
The 1 ZendLdap class in Zend before 1.12.9 and 2 Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind...
Amazon Linux AMI : php-ZendFramework (ALAS-2014-460)
The 1 ZendLdap class in Zend before 1.12.9 and 2 Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind. CVE-2014-8088 The 1.12.9, 2.2.8, and 2.3.3 releas...
CVE-2014-8088
The 1 ZendLdap class in Zend before 1.12.9 and 2 Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind...
Authentication flaw
The 1 ZendLdap class in Zend before 1.12.9 and 2 Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind...
CVE-2014-8088
CVE-2014-8088 affects Zend Framework: the Zend_Ldap class (Zend Framework 1.x) before 1.12.9 and Zend_Ldap component in Zend Framework 2.x before 2.2.8 and before 2.3.3 (on 2.3.x) can be abused by a password that starts with a null byte to trigger an unauthenticated bind and bypass authentication...