Описание
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zope:zope:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.3:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00103
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
debian
около 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does n ...
EPSS
Процентиль: 29%
0.00103
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other