Workflow

Zope

Latest version: v5.11.1

Vulnerabilities (17)

CVE/PVE Vulnerability ID Advisory Affected versions Severity Severity Score
CVE-2011-4924 37737

CVE-2011-4924: Cross-site scripting (XSS) vulnerability in Zope 2.8.x…
  • >=2.8,<2.8.12
  • >=2.9,<2.9.12
  • >=2.10,<2.10.11
  • >=2.11,<2.11.6
  • >=2.12,<2.12.3
  • >=3.1.1,<=3.4.1
 MEDIUM 6.1
CVE-2009-0669 39554

Zope 2.11.4, 2.10.9, 2.9.11 and 2.8.11 include a fix for CVE-2009-066…
  • <2.8.11
  • >=2.9a1,<2.9.11
  • >=2.10a1,<2.10.9
  • >=2.11a1,<2.11.4
 HIGH 7.5
CVE-2006-3458 35259

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does …
  • <2.7.0
  • >=2.8a1,<2.8.7
  • >=2.9a1,<2.9.3
 LOW 2.1
CVE-2022-24761 47976

Zope 5.5.1 and 4.8.1 update its dependency 'waitress' to v2.1.1 to in…
  • >=5.0a1,<5.5.1
  • <4.8.1
 HIGH 7.5
CVE-2023-44389 61581

Zope 4.8.11 and 5.8.6 include a fix for CVE-2023-44389: The title pro…
  • <4.8.11
  • >=5.0a1,<5.8.6
 MEDIUM 4.8
CVE-2023-42458 61343

Zope 4.8.10 and 5.8.5 include a fix for CVE-2023-42458: Stored Cross …
  • <4.8.10
  • >=5.0a1,<5.8.5
 MEDIUM 5.4
CVE-2021-32633 40531

Zope 4.6 and 5.2 includes a fix for CVE-2021-32633: Zope is an open-s…
  • <4.6.0
  • >=5.0a1,<5.2
 HIGH 8.8
CVE-2021-32674 40636

Zope 5.2.1 and 4.6.1 include a fix for CVE-2021-32674: This is an ext…
  • >=4.0.0a1,<4.6.1
  • >=5.0.0a1,<5.2.1
 HIGH 8.8
CVE-2021-32811 41069

Zope 4.6.3 and 5.3.0 include a fix for CVE-2021-32811: Zope versions …
  • >=4.0.0,<4.6.3
  • >=5.0.0,<5.3.0
 HIGH 7.2
CVE-2023-41039 60973

Zope updates its dependency 'RestrictedPython' to '6.2' in master bra…
  • <5.8.4
 HIGH 7.7
CVE-2023-41050 60984

Zope 5.8.4 updates its dependency 'AccessControl' to '6.2' to include…
  • <5.8.4
 HIGH 7.7
CVE-2021-32807 41051

Zope 5.3 updates its dependency 'AccessControl' to include a securit…
  • >=5.0.0,<5.3.0
 HIGH 7.2
CVE-2009-2701 36590

Zope 3.9.0 fixes CVE-2009-2701.
  • <3.9.0
 MEDIUM 6.0
CVE-2021-33507 40532

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService …
  • <2.5.1
 MEDIUM 6.1
CVE-2012-6661 26189

Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before bet…
  • <2.13.19
 MEDIUM 5.0
PVE-2021-41055 41055

Zope 2.13.1 restores security declarations for deprecated 'sets' modu…
  • <2.13.1
 - -
CVE-2007-0240 45249

Zope throughout 2.10.2 is vulnerable to CVE-2007-0240: Cross-site scr…
  • <=2.10.2
 MEDIUM 4.3