Reading Time: 1 minutes
Magento has just released its latest SUPEE patch ‘9652’ to address a possible Zend library vulnerability.
Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1.
To be affected by the vulnerability the installation has to:
– use sendmail as the mail transport agent
– have specific, non-default configuration settings
Critical – If you are running one of the affected Magento versions it is important that this SUPEE patch is installed.
Magento Community Edition prior to 220.127.116.11, and Magento Enterprise Edition prior to 18.104.22.168, Magento 2.1 versions prior to 2.1.4 and Magento 2.0 versions prior to 2.0.12.