Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1oMnhoLWp2cGYteHE0Ms1bog
Zope does not properly perform security registration for legacy names
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Permalink: https://github.com/advisories/GHSA-h2xh-jvpf-xq42JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oMnhoLWp2cGYteHE0Ms1bog
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 2 years ago
Updated: 8 months ago
Identifiers: GHSA-h2xh-jvpf-xq42, CVE-2000-1211
References:
- https://nvd.nist.gov/vuln/detail/CVE-2000-1211
- http://www.redhat.com/support/errata/RHSA-2000-125.html
- http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert
- https://web.archive.org/web/20010910131909/http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3
- https://web.archive.org/web/20021227061438/http://www.iss.net/security_center/static/5824.php
- https://github.com/advisories/GHSA-h2xh-jvpf-xq42
Affected Packages
pypi:zope
Dependent packages: 11Dependent repositories: 113
Downloads: 46,535 last month
Affected Version Ranges: >= 2.2.0, <= 2.2.4
No known fixed version
All affected versions: