Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
72 vulnerabilities found for zope by zope
CVE-2023-44389 (GCVE-0-2023-44389)
Vulnerability from nvd – Published: 2023-10-04 20:07 – Updated: 2024-11-27 16:15
VLAI
Title
Zope management interface vulnerable to stored cross site scripting via the title property
Summary
Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/21d… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/aea… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 4.0.0, < 4.8.11
Affected: >= 5.0.0, < 5.8.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-02T16:01:20.588939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:15:46.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.8.11"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.8.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T21:48:55.985Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d"
}
],
"source": {
"advisory": "GHSA-m755-gxxg-r5qh",
"discovery": "UNKNOWN"
},
"title": "Zope management interface vulnerable to stored cross site scripting via the title property"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-44389",
"datePublished": "2023-10-04T20:07:34.274Z",
"dateReserved": "2023-09-28T17:56:32.613Z",
"dateUpdated": "2024-11-27T16:15:46.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42458 (GCVE-0-2023-42458)
Vulnerability from nvd – Published: 2023-09-21 16:34 – Updated: 2025-02-13 17:09
VLAI
Title
Zope vulnerable to Stored Cross Site Scripting with SVG images
Summary
Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the "Add Documents, Images, and Files" permission is only assigned to trusted roles. By default, only the Manager has this permission.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/26a… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/603… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2023/09/22/2 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
< 4.8.10
Affected: >= 5.0.0, < 5.8.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:38.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:48:49.811652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T15:04:16.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 4.8.10"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the \"Add Documents, Images, and Files\" permission is only assigned to trusted roles. By default, only the Manager has this permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-22T14:06:19.290Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/2"
}
],
"source": {
"advisory": "GHSA-wm8q-9975-xh5v",
"discovery": "UNKNOWN"
},
"title": "Zope vulnerable to Stored Cross Site Scripting with SVG images"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-42458",
"datePublished": "2023-09-21T16:34:11.747Z",
"dateReserved": "2023-09-08T20:57:45.574Z",
"dateUpdated": "2025-02-13T17:09:22.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41050 (GCVE-0-2023-41050)
Vulnerability from nvd – Published: 2023-09-06 17:58 – Updated: 2024-09-26 15:19
VLAI
Title
Information disclosure through Python's "format" functionality in Zope AccessControl
Summary
AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python's full blown `getattr` and `getitem`, not the policy restricted `AccessControl` variants `_getattr_` and `_getitem_`. This can lead to critical information disclosure. `AccessControl` already provides a safe variant for `str.format` and denies access to `string.Formatter`. However, `str.format_map` is still unsafe. Affected are all users who allow untrusted users to create `AccessControl` controlled Python code and execute it. A fix has been introduced in versions 4.4, 5.8 and 6.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/AccessControl/s… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/AccessControl/c… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | AccessControl |
Affected:
AccessControl: < 4.4
Affected: AccessControl: >= 5.0, < 5.8 Affected: AccessControl: >= 6.0, < 6.2 Affected: Zope: < 4.8.9 Affected: Zope: >= 5.0.0, < 5.8.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:46:11.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c"
},
{
"name": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41050",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:47:49.544178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:19:50.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AccessControl",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "AccessControl: \u003c 4.4"
},
{
"status": "affected",
"version": "AccessControl: \u003e= 5.0, \u003c 5.8"
},
{
"status": "affected",
"version": "AccessControl: \u003e= 6.0, \u003c 6.2"
},
{
"status": "affected",
"version": "Zope: \u003c 4.8.9"
},
{
"status": "affected",
"version": "Zope: \u003e= 5.0.0, \u003c 5.8.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AccessControl provides a general security framework for use in Zope. Python\u0027s \"format\" functionality allows someone controlling the format string to \"read\" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python\u0027s full blown `getattr` and `getitem`, not the policy restricted `AccessControl` variants `_getattr_` and `_getitem_`. This can lead to critical information disclosure. `AccessControl` already provides a safe variant for `str.format` and denies access to `string.Formatter`. However, `str.format_map` is still unsafe. Affected are all users who allow untrusted users to create `AccessControl` controlled Python code and execute it. A fix has been introduced in versions 4.4, 5.8 and 6.2. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T17:58:10.510Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c"
},
{
"name": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9"
}
],
"source": {
"advisory": "GHSA-8xv7-89vj-q48c",
"discovery": "UNKNOWN"
},
"title": "Information disclosure through Python\u0027s \"format\" functionality in Zope AccessControl"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-41050",
"datePublished": "2023-09-06T17:58:10.510Z",
"dateReserved": "2023-08-22T16:57:23.933Z",
"dateUpdated": "2024-09-26T15:19:50.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32811 (GCVE-0-2021-32811)
Vulnerability from nvd – Published: 2021-08-02 21:55 – Updated: 2024-08-03 23:33
VLAI
Title
Remote Code Execution via Script (Python) objects under Python 3
Summary
Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope "Manager" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.
Severity
7.5 (High)
CWE
- CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/AccessControl/s… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/f72… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 4.0, < 4.6.3
Affected: >= 5.0, < 5.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 4.6.3"
},
{
"status": "affected",
"version": "\u003e= 5.0, \u003c 5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one\u0027s Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope \"Manager\" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-915",
"description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T21:55:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
],
"source": {
"advisory": "GHSA-g4gq-j4p2-j8fr",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via Script (Python) objects under Python 3",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32811",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via Script (Python) objects under Python 3"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 4.6.3"
},
{
"version_value": "\u003e= 5.0, \u003c 5.3"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one\u0027s Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope \"Manager\" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
]
},
"source": {
"advisory": "GHSA-g4gq-j4p2-j8fr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32811",
"datePublished": "2021-08-02T21:55:11.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:55.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32674 (GCVE-0-2021-32674)
Vulnerability from nvd – Published: 2021-06-08 17:45 – Updated: 2024-08-03 23:25
VLAI
Title
Remote Code Execution via traversal in TAL expressions
Summary
Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.
Severity
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/1d8… | x_refsource_MISC |
| https://pypi.org/project/Zope/ | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 5.0.0, < 5.2.1
Affected: < 4.6.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:31.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pypi.org/project/Zope/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.2.1"
},
{
"status": "affected",
"version": "\u003c 4.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the \u0027os\u0027 module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:29:37.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pypi.org/project/Zope/"
}
],
"source": {
"advisory": "GHSA-rpcg-f9q6-2mq6",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via traversal in TAL expressions",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32674",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via traversal in TAL expressions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.0.0, \u003c 5.2.1"
},
{
"version_value": "\u003c 4.6.1"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the \u0027os\u0027 module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"name": "https://pypi.org/project/Zope/",
"refsource": "MISC",
"url": "https://pypi.org/project/Zope/"
}
]
},
"source": {
"advisory": "GHSA-rpcg-f9q6-2mq6",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32674",
"datePublished": "2021-06-08T17:45:12.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:25:31.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33507 (GCVE-0-2021-33507)
Vulnerability from nvd – Published: 2021-05-21 21:33 – Updated: 2024-08-03 23:50
VLAI
Summary
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plone.org/security/hotfix/20210518/reflec… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/05/22/1 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-22T17:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots",
"refsource": "MISC",
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33507",
"datePublished": "2021-05-21T21:33:31.000Z",
"dateReserved": "2021-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:50:42.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32633 (GCVE-0-2021-32633)
Vulnerability from nvd – Published: 2021-05-21 13:55 – Updated: 2024-08-03 23:25
VLAI
Title
Remote Code Execution via traversal in TAL expressions
Summary
Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.
Severity
6.8 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/1f8… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/05/21/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/05/22/1 | mailing-listx_refsource_MLIST |
| https://cyllective.com/blog/post/plone-authentica… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
< 4.6
Affected: >= 5.0, < 5.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6"
},
{
"status": "affected",
"version": "\u003e= 5.0, \u003c 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-29T11:47:33.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
],
"source": {
"advisory": "GHSA-5pr9-v234-jw36",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via traversal in TAL expressions",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32633",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via traversal in TAL expressions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003c 4.6"
},
{
"version_value": "\u003e= 5.0, \u003c 5.2"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"name": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/",
"refsource": "MISC",
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
]
},
"source": {
"advisory": "GHSA-5pr9-v234-jw36",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32633",
"datePublished": "2021-05-21T13:55:10.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:25:30.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4924 (GCVE-0-2011-4924)
Vulnerability from nvd – Published: 2019-11-25 17:03 – Updated: 2024-08-07 00:23
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104
Severity
No CVSS data available.
CWE
- Incomplete upstream patch for CVE-2010-1104 issue
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2011-4924 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zope | zope2, zope3 |
Affected:
2.8.x before 2.8.12
Affected: 2.9.x before 2.9.12 Affected: 2.10.x before 2.10.11 Affected: 2.11.x before 2.11.6 Affected: and 2.12.x before 2.12.3 Affected: 3.1.1through 3.4.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:39.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/18"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "zope2, zope3",
"vendor": "zope",
"versions": [
{
"status": "affected",
"version": "2.8.x before 2.8.12"
},
{
"status": "affected",
"version": "2.9.x before 2.9.12"
},
{
"status": "affected",
"version": "2.10.x before 2.10.11"
},
{
"status": "affected",
"version": "2.11.x before 2.11.6"
},
{
"status": "affected",
"version": "and 2.12.x before 2.12.3"
},
{
"status": "affected",
"version": "3.1.1through 3.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incomplete upstream patch for CVE-2010-1104 issue",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T17:03:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/18"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4924",
"datePublished": "2019-11-25T17:03:14.000Z",
"dateReserved": "2011-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:23:39.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5145 (GCVE-0-2009-5145)
Vulnerability from nvd – Published: 2017-08-07 17:00 – Updated: 2024-08-07 07:32
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/zope2/+bug/490514 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/72792/info | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/03/02/7 | mailing-listx_refsource_MLIST |
| http://cve.killedkenny.io/cve/CVE-2009-5145 | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/2ab… | x_refsource_CONFIRM |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
Date Public
2009-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/490514"
},
{
"name": "72792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72792/info"
},
{
"name": "[oss-security] 20150302 Re: XSS In Zope",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/02/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cve.killedkenny.io/cve/CVE-2009-5145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/490514"
},
{
"name": "72792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72792/info"
},
{
"name": "[oss-security] 20150302 Re: XSS In Zope",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/02/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cve.killedkenny.io/cve/CVE-2009-5145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5145",
"datePublished": "2017-08-07T17:00:00.000Z",
"dateReserved": "2015-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:32:22.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6661 (GCVE-0-2012-6661)
Vulnerability from nvd – Published: 2014-11-03 22:00 – Updated: 2024-09-16 23:22
VLAI
Summary
Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1071067 | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:02.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-03T22:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "https://bugs.launchpad.net/zope2/+bug/1071067",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "https://plone.org/products/plone/security/advisories/20121106/24",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121124",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6661",
"datePublished": "2014-11-03T22:00:00.000Z",
"dateReserved": "2014-11-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:22:11.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5507 (GCVE-0-2012-5507)
Vulnerability from nvd – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1071067 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-30T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/23"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5507",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5489 (GCVE-0-2012-5489)
Vulnerability from nvd – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1079238 | x_refsource_CONFIRM |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/05"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1079238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-30T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/05"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1079238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5489",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5486 (GCVE-0-2012-5486)
Vulnerability from nvd – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/zope2/+bug/930812 | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2014-1194.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/930812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/02"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "RHSA-2014:1194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-06T13:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/930812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/02"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "RHSA-2014:1194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1194.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5486",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3587 (GCVE-0-2011-3587)
Vulnerability from nvd – Published: 2011-10-10 10:00 – Updated: 2024-08-06 23:37
VLAI
Summary
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=742297 | x_refsource_CONFIRM |
| http://secunia.com/advisories/46221 | third-party-advisoryx_refsource_SECUNIA |
| http://pypi.python.org/pypi/Products.PloneHotfix2… | x_refsource_CONFIRM |
| http://secunia.com/advisories/46323 | third-party-advisoryx_refsource_SECUNIA |
| http://plone.org/products/plone/security/advisori… | x_refsource_CONFIRM |
| http://zope2.zope.org/news/security-vulnerability… | x_refsource_CONFIRM |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
Date Public
2011-09-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
},
{
"name": "46221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"name": "46323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-19T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
},
{
"name": "46221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"name": "46323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3587",
"datePublished": "2011-10-10T10:00:00.000Z",
"dateReserved": "2011-09-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:37:48.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2528 (GCVE-0-2011-2528)
Vulnerability from nvd – Published: 2011-07-19 20:00 – Updated: 2024-08-06 23:08
VLAI
Summary
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/45056 | third-party-advisoryx_refsource_SECUNIA |
| http://plone.org/products/plone/security/advisori… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=718824 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/07/12/9 | mailing-listx_refsource_MLIST |
| https://mail.zope.org/pipermail/zope-announce/201… | mailing-listx_refsource_MLIST |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
| http://secunia.com/advisories/45111 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2011/07/04/6 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:21.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"name": "[oss-security] 20110712 Re: CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"name": "[zone-announce] 20110628 Security Hotfix 20110622 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"name": "45111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45111"
},
{
"name": "[oss-security] 20110704 CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a \"highly serious vulnerability.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-19T20:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"name": "[oss-security] 20110712 Re: CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"name": "[zone-announce] 20110628 Security Hotfix 20110622 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"name": "45111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45111"
},
{
"name": "[oss-security] 20110704 CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2528",
"datePublished": "2011-07-19T20:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:08:21.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44389 (GCVE-0-2023-44389)
Vulnerability from cvelistv5 – Published: 2023-10-04 20:07 – Updated: 2024-11-27 16:15
VLAI
Title
Zope management interface vulnerable to stored cross site scripting via the title property
Summary
Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/21d… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/aea… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 4.0.0, < 4.8.11
Affected: >= 5.0.0, < 5.8.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-02T16:01:20.588939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:15:46.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.8.11"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.8.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T21:48:55.985Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-m755-gxxg-r5qh"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/21dfa78609ffd8b6bd8143805678ebbacae5141a"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/aeaf2cdc80dff60815e3706af448f086ddc3b98d"
}
],
"source": {
"advisory": "GHSA-m755-gxxg-r5qh",
"discovery": "UNKNOWN"
},
"title": "Zope management interface vulnerable to stored cross site scripting via the title property"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-44389",
"datePublished": "2023-10-04T20:07:34.274Z",
"dateReserved": "2023-09-28T17:56:32.613Z",
"dateUpdated": "2024-11-27T16:15:46.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42458 (GCVE-0-2023-42458)
Vulnerability from cvelistv5 – Published: 2023-09-21 16:34 – Updated: 2025-02-13 17:09
VLAI
Title
Zope vulnerable to Stored Cross Site Scripting with SVG images
Summary
Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the "Add Documents, Images, and Files" permission is only assigned to trusted roles. By default, only the Manager has this permission.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/26a… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/603… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2023/09/22/2 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
< 4.8.10
Affected: >= 5.0.0, < 5.8.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:38.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T14:48:49.811652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T15:04:16.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 4.8.10"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first need to upload an image, and then trick a user into following a specially crafted link. Patches are available in Zope 4.8.10 and 5.8.5. As a workaround, make sure the \"Add Documents, Images, and Files\" permission is only assigned to trusted roles. By default, only the Manager has this permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-22T14:06:19.290Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-wm8q-9975-xh5v"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/26a55dbc301db417f47cafda6fe0f983b5690088"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/603b0a12881c90a072a7a65e32d47ed898ce37cb"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/2"
}
],
"source": {
"advisory": "GHSA-wm8q-9975-xh5v",
"discovery": "UNKNOWN"
},
"title": "Zope vulnerable to Stored Cross Site Scripting with SVG images"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-42458",
"datePublished": "2023-09-21T16:34:11.747Z",
"dateReserved": "2023-09-08T20:57:45.574Z",
"dateUpdated": "2025-02-13T17:09:22.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41050 (GCVE-0-2023-41050)
Vulnerability from cvelistv5 – Published: 2023-09-06 17:58 – Updated: 2024-09-26 15:19
VLAI
Title
Information disclosure through Python's "format" functionality in Zope AccessControl
Summary
AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python's full blown `getattr` and `getitem`, not the policy restricted `AccessControl` variants `_getattr_` and `_getitem_`. This can lead to critical information disclosure. `AccessControl` already provides a safe variant for `str.format` and denies access to `string.Formatter`. However, `str.format_map` is still unsafe. Affected are all users who allow untrusted users to create `AccessControl` controlled Python code and execute it. A fix has been introduced in versions 4.4, 5.8 and 6.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/AccessControl/s… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/AccessControl/c… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | AccessControl |
Affected:
AccessControl: < 4.4
Affected: AccessControl: >= 5.0, < 5.8 Affected: AccessControl: >= 6.0, < 6.2 Affected: Zope: < 4.8.9 Affected: Zope: >= 5.0.0, < 5.8.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:46:11.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c"
},
{
"name": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41050",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:47:49.544178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:19:50.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AccessControl",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "AccessControl: \u003c 4.4"
},
{
"status": "affected",
"version": "AccessControl: \u003e= 5.0, \u003c 5.8"
},
{
"status": "affected",
"version": "AccessControl: \u003e= 6.0, \u003c 6.2"
},
{
"status": "affected",
"version": "Zope: \u003c 4.8.9"
},
{
"status": "affected",
"version": "Zope: \u003e= 5.0.0, \u003c 5.8.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AccessControl provides a general security framework for use in Zope. Python\u0027s \"format\" functionality allows someone controlling the format string to \"read\" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python\u0027s full blown `getattr` and `getitem`, not the policy restricted `AccessControl` variants `_getattr_` and `_getitem_`. This can lead to critical information disclosure. `AccessControl` already provides a safe variant for `str.format` and denies access to `string.Formatter`. However, `str.format_map` is still unsafe. Affected are all users who allow untrusted users to create `AccessControl` controlled Python code and execute it. A fix has been introduced in versions 4.4, 5.8 and 6.2. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T17:58:10.510Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c"
},
{
"name": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9"
}
],
"source": {
"advisory": "GHSA-8xv7-89vj-q48c",
"discovery": "UNKNOWN"
},
"title": "Information disclosure through Python\u0027s \"format\" functionality in Zope AccessControl"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-41050",
"datePublished": "2023-09-06T17:58:10.510Z",
"dateReserved": "2023-08-22T16:57:23.933Z",
"dateUpdated": "2024-09-26T15:19:50.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32811 (GCVE-0-2021-32811)
Vulnerability from cvelistv5 – Published: 2021-08-02 21:55 – Updated: 2024-08-03 23:33
VLAI
Title
Remote Code Execution via Script (Python) objects under Python 3
Summary
Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope "Manager" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.
Severity
7.5 (High)
CWE
- CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/AccessControl/s… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/f72… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 4.0, < 4.6.3
Affected: >= 5.0, < 5.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 4.6.3"
},
{
"status": "affected",
"version": "\u003e= 5.0, \u003c 5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one\u0027s Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope \"Manager\" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-915",
"description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T21:55:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
],
"source": {
"advisory": "GHSA-g4gq-j4p2-j8fr",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via Script (Python) objects under Python 3",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32811",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via Script (Python) objects under Python 3"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 4.6.3"
},
{
"version_value": "\u003e= 5.0, \u003c 5.3"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one\u0027s Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope \"Manager\" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-g4gq-j4p2-j8fr"
},
{
"name": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/f72a18dda8e9bf2aedb46168761668464a4be988"
}
]
},
"source": {
"advisory": "GHSA-g4gq-j4p2-j8fr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32811",
"datePublished": "2021-08-02T21:55:11.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:55.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32674 (GCVE-0-2021-32674)
Vulnerability from cvelistv5 – Published: 2021-06-08 17:45 – Updated: 2024-08-03 23:25
VLAI
Title
Remote Code Execution via traversal in TAL expressions
Summary
Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.
Severity
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/1d8… | x_refsource_MISC |
| https://pypi.org/project/Zope/ | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
>= 5.0.0, < 5.2.1
Affected: < 4.6.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:31.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pypi.org/project/Zope/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.2.1"
},
{
"status": "affected",
"version": "\u003c 4.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the \u0027os\u0027 module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:29:37.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pypi.org/project/Zope/"
}
],
"source": {
"advisory": "GHSA-rpcg-f9q6-2mq6",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via traversal in TAL expressions",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32674",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via traversal in TAL expressions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.0.0, \u003c 5.2.1"
},
{
"version_value": "\u003c 4.6.1"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the \u0027os\u0027 module. But some of the untrusted modules are available indirectly through Python modules that are available for direct use. By default, you need to have the Manager role to add or edit Zope Page Templates through the web. Only sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk. The problem has been fixed in Zope 5.2.1 and 4.6.1. The workaround is the same as for https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36: A site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"
},
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"
},
{
"name": "https://pypi.org/project/Zope/",
"refsource": "MISC",
"url": "https://pypi.org/project/Zope/"
}
]
},
"source": {
"advisory": "GHSA-rpcg-f9q6-2mq6",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32674",
"datePublished": "2021-06-08T17:45:12.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:25:31.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33507 (GCVE-0-2021-33507)
Vulnerability from cvelistv5 – Published: 2021-05-21 21:33 – Updated: 2024-08-03 23:50
VLAI
Summary
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plone.org/security/hotfix/20210518/reflec… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/05/22/1 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-22T17:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots",
"refsource": "MISC",
"url": "https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33507",
"datePublished": "2021-05-21T21:33:31.000Z",
"dateReserved": "2021-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:50:42.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32633 (GCVE-0-2021-32633)
Vulnerability from cvelistv5 – Published: 2021-05-21 13:55 – Updated: 2024-08-03 23:25
VLAI
Title
Remote Code Execution via traversal in TAL expressions
Summary
Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.
Severity
6.8 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/zopefoundation/Zope/security/a… | x_refsource_CONFIRM |
| https://github.com/zopefoundation/Zope/commit/1f8… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/05/21/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/05/22/1 | mailing-listx_refsource_MLIST |
| https://cyllective.com/blog/post/plone-authentica… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zopefoundation | Zope |
Affected:
< 4.6
Affected: >= 5.0, < 5.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zope",
"vendor": "zopefoundation",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6"
},
{
"status": "affected",
"version": "\u003e= 5.0, \u003c 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-29T11:47:33.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
],
"source": {
"advisory": "GHSA-5pr9-v234-jw36",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via traversal in TAL expressions",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32633",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution via traversal in TAL expressions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zope",
"version": {
"version_data": [
{
"version_value": "\u003c 4.6"
},
{
"version_value": "\u003e= 5.0, \u003c 5.2"
}
]
}
}
]
},
"vendor_name": "zopefoundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36",
"refsource": "CONFIRM",
"url": "https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"
},
{
"name": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91",
"refsource": "MISC",
"url": "https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"
},
{
"name": "[oss-security] 20210521 Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/21/1"
},
{
"name": "[oss-security] 20210522 Re: Plone security hotfix 20210518",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/22/1"
},
{
"name": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/",
"refsource": "MISC",
"url": "https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633/"
}
]
},
"source": {
"advisory": "GHSA-5pr9-v234-jw36",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32633",
"datePublished": "2021-05-21T13:55:10.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:25:30.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4924 (GCVE-0-2011-4924)
Vulnerability from cvelistv5 – Published: 2019-11-25 17:03 – Updated: 2024-08-07 00:23
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104
Severity
No CVSS data available.
CWE
- Incomplete upstream patch for CVE-2010-1104 issue
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2011-4924 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zope | zope2, zope3 |
Affected:
2.8.x before 2.8.12
Affected: 2.9.x before 2.9.12 Affected: 2.10.x before 2.10.11 Affected: 2.11.x before 2.11.6 Affected: and 2.12.x before 2.12.3 Affected: 3.1.1through 3.4.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:39.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2011-4924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/18"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "zope2, zope3",
"vendor": "zope",
"versions": [
{
"status": "affected",
"version": "2.8.x before 2.8.12"
},
{
"status": "affected",
"version": "2.9.x before 2.9.12"
},
{
"status": "affected",
"version": "2.10.x before 2.10.11"
},
{
"status": "affected",
"version": "2.11.x before 2.11.6"
},
{
"status": "affected",
"version": "and 2.12.x before 2.12.3"
},
{
"status": "affected",
"version": "3.1.1through 3.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incomplete upstream patch for CVE-2010-1104 issue",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T17:03:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2011-4924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/19/18"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4924",
"datePublished": "2019-11-25T17:03:14.000Z",
"dateReserved": "2011-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:23:39.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5145 (GCVE-0-2009-5145)
Vulnerability from cvelistv5 – Published: 2017-08-07 17:00 – Updated: 2024-08-07 07:32
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/zope2/+bug/490514 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/72792/info | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/03/02/7 | mailing-listx_refsource_MLIST |
| http://cve.killedkenny.io/cve/CVE-2009-5145 | x_refsource_MISC |
| https://github.com/zopefoundation/Zope/commit/2ab… | x_refsource_CONFIRM |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
Date Public
2009-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/490514"
},
{
"name": "72792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72792/info"
},
{
"name": "[oss-security] 20150302 Re: XSS In Zope",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/02/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cve.killedkenny.io/cve/CVE-2009-5145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/490514"
},
{
"name": "72792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72792/info"
},
{
"name": "[oss-security] 20150302 Re: XSS In Zope",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/02/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cve.killedkenny.io/cve/CVE-2009-5145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5145",
"datePublished": "2017-08-07T17:00:00.000Z",
"dateReserved": "2015-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:32:22.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6661 (GCVE-0-2012-6661)
Vulnerability from cvelistv5 – Published: 2014-11-03 22:00 – Updated: 2024-09-16 23:22
VLAI
Summary
Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1071067 | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:02.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-03T22:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "https://bugs.launchpad.net/zope2/+bug/1071067",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "https://plone.org/products/plone/security/advisories/20121106/24",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/24"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121124",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121124"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6661",
"datePublished": "2014-11-03T22:00:00.000Z",
"dateReserved": "2014-11-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:22:11.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5507 (GCVE-0-2012-5507)
Vulnerability from cvelistv5 – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1071067 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-30T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1071067"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/23"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5507",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5489 (GCVE-0-2012-5489)
Vulnerability from cvelistv5 – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/plone/Products.CMFPlone/blob/4… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| https://bugs.launchpad.net/zope2/+bug/1079238 | x_refsource_CONFIRM |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/05"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1079238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-30T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/05"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/1079238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5489",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5486 (GCVE-0-2012-5486)
Vulnerability from cvelistv5 – Published: 2014-09-30 14:00 – Updated: 2024-08-06 21:05
VLAI
Summary
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugs.launchpad.net/zope2/+bug/930812 | x_refsource_CONFIRM |
| https://plone.org/products/plone/security/advisor… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/11/10/1 | mailing-listx_refsource_MLIST |
| https://plone.org/products/plone-hotfix/releases/… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2014-1194.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/zope2/+bug/930812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/02"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "RHSA-2014:1194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-06T13:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/zope2/+bug/930812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone/security/advisories/20121106/02"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "RHSA-2014:1194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1194.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5486",
"datePublished": "2014-09-30T14:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:05:47.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3587 (GCVE-0-2011-3587)
Vulnerability from cvelistv5 – Published: 2011-10-10 10:00 – Updated: 2024-08-06 23:37
VLAI
Summary
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=742297 | x_refsource_CONFIRM |
| http://secunia.com/advisories/46221 | third-party-advisoryx_refsource_SECUNIA |
| http://pypi.python.org/pypi/Products.PloneHotfix2… | x_refsource_CONFIRM |
| http://secunia.com/advisories/46323 | third-party-advisoryx_refsource_SECUNIA |
| http://plone.org/products/plone/security/advisori… | x_refsource_CONFIRM |
| http://zope2.zope.org/news/security-vulnerability… | x_refsource_CONFIRM |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
Date Public
2011-09-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
},
{
"name": "46221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"name": "46323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-19T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
},
{
"name": "46221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"name": "46323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3587",
"datePublished": "2011-10-10T10:00:00.000Z",
"dateReserved": "2011-09-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:37:48.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2528 (GCVE-0-2011-2528)
Vulnerability from cvelistv5 – Published: 2011-07-19 20:00 – Updated: 2024-08-06 23:08
VLAI
Summary
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/45056 | third-party-advisoryx_refsource_SECUNIA |
| http://plone.org/products/plone/security/advisori… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=718824 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/07/12/9 | mailing-listx_refsource_MLIST |
| https://mail.zope.org/pipermail/zope-announce/201… | mailing-listx_refsource_MLIST |
| http://plone.org/products/plone-hotfix/releases/2… | x_refsource_CONFIRM |
| http://secunia.com/advisories/45111 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2011/07/04/6 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:21.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"name": "[oss-security] 20110712 Re: CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"name": "[zone-announce] 20110628 Security Hotfix 20110622 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"name": "45111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45111"
},
{
"name": "[oss-security] 20110704 CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a \"highly serious vulnerability.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-19T20:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone/security/advisories/20110622"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718824"
},
{
"name": "[oss-security] 20110712 Re: CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/12/9"
},
{
"name": "[zone-announce] 20110628 Security Hotfix 20110622 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110622"
},
{
"name": "45111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45111"
},
{
"name": "[oss-security] 20110704 CVE request: plone privilege escalation flaw",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/04/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2528",
"datePublished": "2011-07-19T20:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:08:21.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}