VIR Vulnerability Intelligence Relay

CVE-2012-6531

medium
Published 2013-02-13 · Modified 2024-01-12
CVSS v3
CVSS v2
6.4
VIR risk
6.4

Description

Zend Framework XEE Vulnerability

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://framework.zend.com/security/advisory/ZF2012-01

Package impact
EcosystemPackageVulnerableFixed
php Packagistzendframework/zendframework1>=1.0,<1.11.131.11.13
php Packagistzendframework/zendframework1>=1.12.0-rc1,<1.12.01.12.0

Application impact
VendorProductVersionsFixed
zendzend_framework1.0.4
zendzend_framework1.5.0
zendzend_framework1.5.1
zendzend_framework1.5.2
zendzend_framework1.5.3
zendzend_framework1.6.0
zendzend_framework1.6.1
zendzend_framework1.6.2
zendzend_framework1.7.0
zendzend_framework1.7.1
zendzend_framework1.7.2
zendzend_framework1.7.3
zendzend_framework1.7.4
zendzend_framework1.7.5
zendzend_framework1.7.6
zendzend_framework1.7.7
zendzend_framework1.7.8
zendzend_framework1.7.9
zendzend_framework1.8.0
zendzend_framework1.8.1
zendzend_framework1.8.2
zendzend_framework1.8.3
zendzend_framework1.8.4
zendzend_framework1.8.5
zendzend_framework1.9.0
zendzend_framework1.9.1
zendzend_framework1.9.2
zendzend_framework1.9.3
zendzend_framework1.9.4
zendzend_framework1.9.5
zendzend_framework1.9.6
zendzend_framework1.9.7
zendzend_framework1.9.8
zendzend_framework1.10.0
zendzend_framework1.10.1
zendzend_framework1.10.2
zendzend_framework1.10.3
zendzend_framework1.10.4
zendzend_framework1.10.5
zendzend_framework1.10.6
zendzend_framework1.10.7
zendzend_framework1.10.8
zendzend_framework1.11.0
zendzend_framework1.11.1
zendzend_framework1.11.2
zendzend_framework1.11.3
zendzend_framework1.11.4
zendzend_framework1.11.5
zendzend_framework1.11.6
zendzend_framework1.11.7
zendzend_framework1.11.8
zendzend_framework1.11.9
zendzend_framework1.11.10
zendzend_framework1.11.11
zendzend_framework1.11.12
zendzend_framework1.12.0

References

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.