ZF2016-02: Potential SQL injection

July 13, 2016

The implementation of ORDER BY and GROUP BY in Zend_Db_Select of ZF1 is vulnerable by the following SQL injection.

References

framework.zend.com/security/advisory/ZF2016-02
github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967

Detect and mitigate ZF2016-02 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →