Описание
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.10.3-2 |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life, was needed |
| devel | released | 2.9.5-1 |
| edgy | released | 2.9.5-1 |
| feisty | released | 2.9.5-1 |
| upstream | needs-triage |
Показывать по
10
2.1 Low
CVSS2
Связанные уязвимости
nvd
больше 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
debian
больше 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does n ...
2.1 Low
CVSS2