Описание
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.10.3-2 |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life, was needed |
| devel | released | 2.9.5-1 |
| edgy | released | 2.9.5-1 |
| feisty | released | 2.9.5-1 |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 29%
0.00103
Низкий
2.1 Low
CVSS2
Связанные уязвимости
nvd
около 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
debian
около 19 лет назад
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does n ...
EPSS
Процентиль: 29%
0.00103
Низкий
2.1 Low
CVSS2