CVE-2015-7503

NONE EPSS 68.3%
Published Oct 10, 20178y ago · Modified Jun 17, 20262w ago
Find Similar
Published Oct 10, 2017 8y ago
Last Modified Jun 17, 2026 2w ago

Description

Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.

Threat Intelligence

EPSS Exploit Probability
68.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-320

Affected Products 11

VendorProductVersionRange
zendzend_framework2.4.0any
zendzend_framework2.4.1any
zendzend_framework2.4.2any
zendzend_framework2.4.3any
zendzend_framework2.4.4any
zendzend_framework2.4.5any
zendzend_framework2.4.6any
zendzend_framework2.4.7any
zendzend_framework2.4.8any
zendzend_framework2.5.0any
zendzend_framework2.5.1any

References 2

  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1283137
    Issue TrackingThird Party Advisory
  • framework.zend.com https://framework.zend.com/security/advisory/ZF2015-10
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.