Zend

Zendopenid

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2014-2684

  • EPSS 0.57%
  • Published 16.11.2014 00:59:04
  • Last modified 12.04.2025 10:46:40

The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provide...

5

CVE-2014-2683

  • EPSS 2.98%
  • Published 16.11.2014 00:59:03
  • Last modified 12.04.2025 10:46:40

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2....

6.8

CVE-2014-2682

  • EPSS 1.83%
  • Published 16.11.2014 00:59:02
  • Last modified 12.04.2025 10:46:40

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2....

6.4

CVE-2014-2681

  • EPSS 3.45%
  • Published 16.11.2014 00:59:00
  • Last modified 12.04.2025 10:46:40

Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2....

7.5

CVE-2014-2685

  • EPSS 0.84%
  • Published 04.09.2014 17:55:04
  • Last modified 12.04.2025 10:46:40

The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remot...