PYSEC-2006-8
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/zope2/PYSEC-2006-8.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2006-8
- Withdrawn
- 2024-11-22T04:37:05Z
- Published
- 2006-09-19T18:07:00Z
- Modified
- 2024-11-21T14:23:03.633470Z
- Summary
- [none]
- Details
-
The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.
- References
-
- http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html
- http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt
- http://www.debian.org/security/2006/dsa-1176
- http://secunia.com/advisories/21947
- http://secunia.com/advisories/21953
- http://www.securityfocus.com/bid/20022
- http://www.vupen.com/english/advisories/2006/3653
Affected packages
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.12.0.a1
2.12.0a2
2.12.0a3
2.12.0a4
2.12.0b1
2.12.0b2
2.12.0b3
2.12.0b4
2.12.0c1
2.12.0
2.12.1
2.12.2
2.12.3
2.12.4
2.12.5
2.12.6
2.12.7
2.12.8
2.12.9
2.12.10
2.12.11
2.12.12
2.12.13
2.12.14
2.12.15
2.12.16
2.12.17
2.12.18
2.12.19
2.12.20
2.12.21
2.12.22
2.12.23
2.12.24
2.12.25
2.12.26
2.12.27
2.12.28
2.13.0a1
2.13.0a2
2.13.0a3
2.13.0a4
2.13.0b1
2.13.0c1
2.13.0
2.13.1
2.13.2
2.13.3
2.13.4
2.13.5
2.13.6
2.13.7
2.13.8
2.13.9
2.13.10
2.13.11
2.13.12
2.13.13
2.13.14
2.13.15
2.13.16
2.13.17
2.13.18
2.13.19
2.13.20
2.13.21
2.13.22
2.13.23
2.13.24
2.13.25
2.13.26
2.13.27
2.13.28
2.13.29
2.13.30
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0a6
4.0b1
4.0