PYSEC-2014-67

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/products-cmfplone/PYSEC-2014-67.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2014-67

Aliases

Published

2014-05-02T14:55:00Z

Modified

2023-11-08T03:57:27.279593Z

Summary

[none]

Details

Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.

References

Affected packages

PyPI / products-cmfplone

Package

Name: products-cmfplone; View open source insights on deps.dev
Purl: pkg:pypi/products-cmfplone

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.3

Fixed

4.3.3

Affected versions

4.*

4.0b1

4.1a1

4.1a2

4.1a3

4.1b1

4.1b2

4.1rc2

4.1rc3

4.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2a1

4.2a2

4.2b1

4.2b2

4.2rc1

4.2rc2

4.2

4.2.0.1

4.2.1

4.2.1.1

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.3a1

4.3a2

4.3b1

4.3b2

4.3rc1

4.3

4.3.1

4.3.2

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/products-cmfplone/PYSEC-2014-67.yaml"