Zope2

Latest version: v4.0

Vulnerabilities (26)

Columns: CVE/PVE, Vulnerability ID, Advisory, Affected versions, Severity, Severity Score
CVE-2009-0669 53308

Zope2 2.11.4, 2.10.9, 2.9.11 and 2.8.11 include a fix for CVE-2009-06…

  • <2.8.11
  • >=2.9a1,<2.9.11
  • >=2.10a1,<2.10.9
  • >=2.11a1,<2.11.4
HIGH 7.5
CVE-2010-1104 26197

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12,…

  • >=2.12,<2.12.3
  • >=2.10,<2.10.11
  • >=2.8,<2.8.12
  • >=2.9,<2.9.12
MEDIUM 4.3
CVE-2006-3458 53309

Zope2 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does…

  • <2.7.0
  • >=2.8a1,<2.8.7
  • >=2.9a1,<2.9.3
LOW 2.1
CVE-2005-3323 61227

docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows r…

  • >2.5.0,<=2.6
  • >=2.7.0,<2.7.8
  • >=2.8.0,<2.8.2
HIGH 7.5
CVE-2006-4684 61228

The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 thr…

  • >=2.7.0,<=2.7.9
  • >=2.8.0,<=2.8.8
MEDIUM 5.0
CVE-2012-5489 26193

The App.Undo.UndoSupport.get_request_var_or_attr function in Zope bef…

  • <2.12.21
  • >=2.13.0a1,<2.13.11
MEDIUM 6.5
CVE-2011-2528 26192

Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.…

  • <2.12.19
  • >=2.13,<2.13.8
HIGH 7.5
CVE-2011-3587 26196

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone…

  • >=2.12.0a1,<2.12.21
  • >=2.13.0a1,<2.13.11
HIGH 9.3
CVE-2010-3198 26191

ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows…

  • >=2.11.0a1,<2.11.7
  • >=2.10.0a1,<2.10.12
MEDIUM 4.3
CVE-2002-0688 61241

ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.…

  • >=2.4.1b1,<=2.5.1
HIGH 7.5
CVE-2001-0567 61234

Digital Creations Zope 2.3.2 and earlier allows a local attacker to g…

  • <2.3.3
MEDIUM 4.6
CVE-2001-0569 61236

Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the…

  • <=2.3.1b1
LOW 2.1
CVE-2001-0568 61235

Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (…

  • <=2.3.1b1
LOW 2.1
CVE-2001-1278 61238

Zope before 2.2.4 allows partially trusted users to bypass security c…

  • <=2.2.4b2
HIGH 7.5
CVE-2001-1227 61237

Zope before 2.2.4 allows partially trusted users to bypass security c…

  • <=2.2.4b2
HIGH 7.5
CVE-2001-0128 61233

Zope before 2.2.4 does not properly compute local roles, which could …

  • <=2.2.4b2
HIGH 7.2
CVE-2000-0483 61229

The DocumentTemplate package in Zope 2.2 and earlier allows a remote …

  • <=2.2.4b1
HIGH 7.5
CVE-2000-1212 61232

Zope 2.2.0 through 2.2.4 does not properly protect a data updating me…

  • >=2.2.1b1,<=2.2.4
MEDIUM 5.0
CVE-2000-0725 61230

Zope before 2.2.1 does not properly restrict access to the getRoles m…

  • <2.2.1
HIGH 7.2
CVE-2002-0170 61239

Zope 2.2.0 through 2.5.1 does not properly verify the access for obje…

  • >=2.2.0a4,<=2.5.1
HIGH 7.5
CVE-2000-1211 61231

Zope 2.2.0 through 2.2.4 does not properly perform security registrat…

  • >=2.2.0,<=2.2.4
HIGH 7.5
CVE-2012-5507 33169

AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plon…

  • <2.13.19
MEDIUM 4.3
CVE-2012-5486 33168

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used…

  • <2.13.19
MEDIUM 6.4
CVE-2008-5102 54896

PythonScripts in Zope2 2.11.2 and earlier, as used in Conga and other…

  • <=2.11.2
MEDIUM 4.0
CVE-2009-5145 61289

Cross-site scripting (XSS) vulnerability in ZMI pages that use the ma…

  • >=2.10.0b1,<=2.12.10
MEDIUM 6.1
CVE-2002-0687 61240

The "through the web code" capability for Zope 2.0 through 2.5.1 b1 a…

  • >=2.0.0a4,<=2.5.1b1
MEDIUM 5.0