exploitDog

GHSA-h2xh-jvpf-xq42

Опубликовано: 30 апр. 2022

Источник: github

Github: Прошло ревью

Описание

Zope does not properly perform security registration for legacy names

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Ссылки

Пакеты

Наименование

zope

pip

Затронутые версииВерсия исправления

>= 2.2.0, <= 2.2.4

Отсутствует

EPSS

Процентиль: 69%

0.00602

Низкий

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2000-1211

redhat

около 25 лет назад

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

CVE-2000-1211

nvd

около 25 лет назад

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

EPSS

Процентиль: 69%

0.00602

Низкий

CVE ID

Дефекты

CWE-287