Описание
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zope:zope:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.4:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00602
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
больше 24 лет назад
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
github
около 3 лет назад
Zope does not properly perform security registration for legacy names
EPSS
Процентиль: 69%
0.00602
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other