CVE-2015-7503
NONE EPSS 68.3%
Published Oct 10, 20178y ago · Modified Jun 17, 20262w ago
Published Oct 10, 2017 8y ago
Last Modified Jun 17, 2026 2w ago
Description
Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.
Threat Intelligence
EPSS Exploit Probability
68.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-320
Affected Products 11
| Vendor | Product | Version | Range |
|---|---|---|---|
| zend | zend_framework | 2.4.0 | any |
| zend | zend_framework | 2.4.1 | any |
| zend | zend_framework | 2.4.2 | any |
| zend | zend_framework | 2.4.3 | any |
| zend | zend_framework | 2.4.4 | any |
| zend | zend_framework | 2.4.5 | any |
| zend | zend_framework | 2.4.6 | any |
| zend | zend_framework | 2.4.7 | any |
| zend | zend_framework | 2.4.8 | any |
| zend | zend_framework | 2.5.0 | any |
| zend | zend_framework | 2.5.1 | any |
References 2
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1283137
- framework.zend.com https://framework.zend.com/security/advisory/ZF2015-10
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.