CVE-2021-3007
packagist/zendframework/zendframework
Deserialization of Untrusted Data
Zend Framework, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct
method of the Zend\Http\Response\Stream class in Stream.php.
Version 3.0.0
Unfortunately, there is no solution available yet.
2021-01-21
source |