PYSEC-2026-761

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/zope/PYSEC-2026-761.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-761
Aliases
Published
2026-07-02T14:13:19.339413Z
Modified
2026-07-06T08:01:03.773637016Z
Summary
Zope Server vulnerable to DoS via header injection
Details

Zope is a Web application server for Linux. Zope versions 2.0 through 2.5.1 b1 are vulnerable to a denial of service attack, caused by a vulnerability that occurs when using the "through the Web code" capability. A remote attacker could inject malicious headers into a response to cause the vulnerable system to crash.

References

Affected packages

PyPI / zope

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.0.0
Fixed
2.4.4b2
Introduced
2.5.0
Fixed
2.5.1b2

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/zope/PYSEC-2026-761.yaml"