Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-g5vw-3h65-2q3v
  • PyPI/accesscontrol
  • PyPI/zope
Access control vulnerable to user data deletion by anonymous users 04 Nov 2024
  • Fix available
  • Severity - 6.6 (Medium)
PYSEC-2023-193
  • PyPI/zope
  • github.com/zopefoundation/Zope
See record for full details 04 Oct 2023
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-m755-gxxg-r5qh
  • PyPI/zope
Zope management interface vulnerable to stored cross site scripting via the title property 04 Oct 2023
  • Fix available
  • Severity - 3.1 (Low)
GHSA-wm8q-9975-xh5v
  • PyPI/zope
Zope vulnerable to Stored Cross Site Scripting with SVG images 21 Sep 2023
  • Fix available
  • Severity - 3.7 (Low)
GHSA-8xv7-89vj-q48c
  • PyPI/accesscontrol
  • PyPI/zope
Information disclosure in AccessControl 07 Sep 2023
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-qh4q-fwf8-qqrw
  • PyPI/zope
Zope Denial of Service (DoS) vulnerability in ZServer 17 May 2022
  • Fix available
  • Severity - 8.7 (High)
GHSA-j5cc-3h6r-jqh4
  • PyPI/zope
Zope DocumentTemplate package allows unauthenticated write 03 May 2022
  • No fix available
GHSA-7944-h5rw-qmjx
  • PyPI/zope
ZCatalog plug-in for Zope allows anonymous users to bypass access restrictions 30 Apr 2022
  • Fix available
GHSA-vwrc-g9q6-f675
  • PyPI/zope
Zope Server vulnerable to DoS via header injection 30 Apr 2022
  • Fix available
GHSA-c3rp-4cjh-cp38
  • PyPI/zope
Zope does not properly verify the access for objects with proxy roles 30 Apr 2022
  • Fix available
GHSA-7whr-j8vf-r4wj
  • PyPI/zope
Zope allows attackers to modify raw image and file data 30 Apr 2022
  • No fix available
GHSA-h2xh-jvpf-xq42
  • PyPI/zope
Zope does not properly perform security registration for legacy names 30 Apr 2022
  • No fix available
GHSA-9cmq-pj6p-hgwf
  • PyPI/zope
Zope does not properly restrict access to the getRoles method 30 Apr 2022
  • Fix available
GHSA-wcwp-r3fj-mm3p
  • PyPI/zope
Zope DTML implementation Improper Authentication 30 Apr 2022
  • No fix available
GHSA-vh6g-786f-hxxp
  • PyPI/zope
  • PyPI/zope2
Zope XSS Vulnerability 22 Apr 2022
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-g4gq-j4p2-j8fr
  • PyPI/zope
Remote Code Execution via Script (Python) objects under Python 3 05 Aug 2021
  • Fix available
  • Severity - 7.7 (High)