Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2011-4924

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web...

5 affected packages

zope2.10, zope2.11, zope2.12, zope2.9, zope3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zope2.10
zope2.11
zope2.12
zope2.9
zope3
Show less packages

CVE-2010-3198

Medium priority
Ignored

ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions.

2 affected packages

zope2.10, zope2.11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zope2.10
zope2.11
Show less packages

CVE-2010-1104

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via...

4 affected packages

zope2.10, zope2.11, zope2.8, zope2.9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zope2.10
zope2.11
zope2.8
zope2.9
Show less packages

CVE-2009-0669

Medium priority

Some fixes available 6 of 16

Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.

6 affected packages

zodb, zope2.10, zope2.11, zope2.8, zope2.9, zope3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zodb
zope2.10
zope2.11
zope2.8
zope2.9
zope3
Show less packages

CVE-2009-0668

Medium priority

Some fixes available 6 of 16

Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO...

6 affected packages

zodb, zope2.10, zope2.11, zope2.8, zope2.9, zope3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zodb
zope2.10
zope2.11
zope2.8
zope2.9
zope3
Show less packages

CVE-2008-5102

Medium priority
Ignored

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

1 affected package

zope2.10

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zope2.10
Show less packages

CVE-2006-3458

Unknown priority

Some fixes available 2 of 3

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to...

2 affected packages

zope2.10, zope2.9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zope2.10
zope2.9
Show less packages