PYSEC-2023-193
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/zope/PYSEC-2023-193.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2023-193
- Aliases
- Published
- 2023-10-04T21:15:00Z
- Modified
- 2023-11-08T04:13:34.876541Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6
- References
Affected packages
PyPI / zope
Package
- Name
- zope
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zopefoundation/Zope
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced5.0Fixed5.8.6Introduced4.0Fixed4.8.11
Affected versions
4.*
4.0
4.1
4.1.1
4.1.2
4.1.3
4.2
4.2.1
4.3
4.4
4.4.1
4.4.2
4.4.3
4.4.4
4.5
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.6
4.6.1
4.6.2
4.6.3
4.7
4.8
4.8.1
4.8.2
4.8.3
4.8.4
4.8.5
4.8.6
4.8.7
4.8.8
4.8.9
4.8.10
5.*
5.0
5.1
5.1.1
5.1.2
5.2
5.2.1
5.3
5.4
5.5
5.5.1
5.5.2
5.6
5.7
5.7.1
5.7.2
5.7.3
5.8
5.8.1
5.8.2
5.8.3
5.8.4
5.8.5