CVE-2021-33509
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-33509
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-33509.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-33509
- Aliases
- Published
- 2021-05-21T22:15:08Z
- Modified
- 2024-09-03T03:50:11.992885Z
- Severity
-
- 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
- References
Affected packages
Git / github.com/plone/plone
Affected ranges
- Type
- GIT
- Repo
- https://github.com/plone/plone
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
4.*
4.1.0
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc1
4.1rc2
4.1rc3
4.2a1
4.2a2
4.2b1
4.2b2
4.2rc1
4.3
4.3.1
4.3a1
4.3a2
4.3b1
4.3b2
5.*
5.0
5.0.1
5.0.2
5.0a2
5.0a3
5.0b1
5.0b3
5.0b4
5.0rc1
5.0rc2
5.0rc3
5.1.0
5.1.1
5.1.2
5.1.3
5.1.4
5.1a1
5.1a2
5.1b1
5.1b2
5.1b3
5.1b4
5.1rc1
5.1rc2
5.2.0
5.2.1
5.2.2
5.2.3
5.2.4
5.2a1
5.2a2
5.2b1
5.2rc1
5.2rc2
5.2rc3
5.2rc4
5.2rc5