pkg:PyPI/zope

26 total CVEs: CRITICAL 1, HIGH 6, MEDIUM 8, LOW 3


All known vulnerabilities

  • CRITICAL 9.1, CVE-2024-51734: Access control vulnerable to user data deletion by anonymous users
    from 0, < 5.11.1
  • HIGH 7.5, CVE-2010-3198: Zope Denial of Service (DoS) vulnerability in ZServer
  • HIGH 7.5, CVE-2010-3198: Zope Denial of Service (DoS) vulnerability in ZServer
    >= 2.10.0, < 2.10.12, >= 2.11.0, < 2.11.7
  • HIGH 7.5, CVE-2010-3198: Zope Denial of Service (DoS) vulnerability in ZServer
    >= 2.10.0, < 2.10.12
  • HIGH 7.5, CVE-2021-32807: Remote Code Execution via unsafe classes in otherwise permitted modules
    from 0, < b42dd4badf803bb9fb71ac34cd9cb0c249262f2c | >= 5.0, < 5.2, >= 4.0, < 4.3
  • HIGH 7.5, CVE-2021-32807: Remote Code Execution via unsafe classes in otherwise permitted modules
    >= 4.0, < 4.6.3
  • HIGH 7.5, CVE-2021-32807: Remote Code Execution via unsafe classes in otherwise permitted modules
    from 0, < f72a18dda8e9bf2aedb46168761668464a4be988 | >= 4.0, < 4.6.3, >= 5.0, < 5.3
  • MEDIUM 6.8, CVE-2023-41050: Information disclosure in AccessControl
    from 0, < 4.8.9
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    from 0, < 4.6
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    from 0, < 4.6.1
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    from 0, < 4.6
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    >= 5.0, < 5.2.1
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    from 0, < 1d897910139e2c0b11984fc9b78c1da1365bec21 | >= 5.0, < 5.2.1, >= 4.0, < 4.6.1
  • MEDIUM 6.8, CVE-2021-32633: Remote Code Execution via traversal in TAL expressions
    from 0, < 1f8456bf1f908ea46012537d52bd7e752a532c91 | from 0, < 4.6, >= 5.0, < 5.2
  • MEDIUM 6.1, CVE-2011-4924: Zope XSS Vulnerability
    >= 3.1.1, < 3.7.3
  • LOW 3.7, CVE-2023-42458: Zope vulnerable to Stored Cross Site Scripting with SVG images
    from 0, < 4.8.10
  • LOW 3.1, CVE-2023-44389: Zope management interface vulnerable to stored cross site scripting via the title property
    >= 4.0.0, < 4.8.11
  • LOW 3.1, CVE-2023-44389: Zope management interface vulnerable to stored cross site scripting via the title property
    from 0, < aeaf2cdc80dff60815e3706af448f086ddc3b98d, < 21dfa78609ffd8b6bd8143805678ebbacae5141a | >= 5.0, < 5.8.6, >= 4.0, < 4.8.11
  • CVE-2000-0483: Zope DocumentTemplate package allows unauthenticated write
    from 0, <= 2.2
  • CVE-2002-0688: zope - arbitrary code execution
    >= 2.4.0, < 2.6.0
  • CVE-2002-0687: Zope Server vulnerable to DoS via header injection
    >= 2.0.0, < 2.4.4b2
  • CVE-2002-0170: Zope does not properly verify the access for objects with proxy roles
    >= 2.2.0, < 2.4.4
  • CVE-2000-1212: Zope allows attackers to modify raw image and file data
    >= 2.2.0, <= 2.2.4
  • CVE-2000-1211: Zope does not properly perform security registration for legacy names
    >= 2.2.0, <= 2.2.4
  • CVE-2000-0725: Zope does not properly restrict access to the getRoles method
    from 0, < 2.2.1
  • CVE-2000-0062: Zope DTML implementation Improper Authentication
    >= 2.2.0, <= 2.2.4