Search CVE reports
1 – 3 of 3 results
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web...
5 affected packages
zope2.10, zope2.11, zope2.12, zope2.9, zope3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| zope2.10 | — | — | — | — |
| zope2.11 | — | — | — | — |
| zope2.12 | — | — | — | — |
| zope2.9 | — | — | — | — |
| zope3 | — | — | — | — |
Some fixes available 6 of 16
Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.
6 affected packages
zope2.10, zodb, zope2.11, zope2.8, zope2.9, zope3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| zope2.10 | — | — | — | — |
| zodb | — | — | — | — |
| zope2.11 | — | — | — | — |
| zope2.8 | — | — | — | — |
| zope2.9 | — | — | — | — |
| zope3 | — | — | — | — |
Some fixes available 6 of 16
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO...
6 affected packages
zodb, zope2.10, zope2.11, zope2.8, zope2.9, zope3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| zodb | — | — | — | — |
| zope2.10 | — | — | — | — |
| zope2.11 | — | — | — | — |
| zope2.8 | — | — | — | — |
| zope2.9 | — | — | — | — |
| zope3 | — | — | — | — |