ZendFramework1 Potential Security Issues in Bundled Dojo Library

In mid-March, 2010, the Dojo Foundation issued a Security Advisory indicating potential security issues with specific files in Dojo Toolkit. Details of the advisory may be found on the Dojo website:

http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ In particular, several files in the Dojo tree were identified as having potential exploits, and the Dojo team also advised disabling or removing any PHP scripts in the tree when deploying to production.

Published: Jun 7, 2024
Updated: Jun 27, 2024
GHSA: GHSA-w5mj-j45q-m638
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
zendframework / zendframework1	1.9.0	1.9.8
zendframework / zendframework1	1.10.0	1.10.3

http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory
https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/ZF2010-07.yaml
https://web.archive.org/web/20210509072723/https://framework.zend.com/security/advisory/ZF2010-07

Vulnerability Database

290,206

ZendFramework1 Potential Security Issues in Bundled Dojo Library