Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Plone Security Advisories
Loading...
High
Ecosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3d2YtNW1qYy02eDc2
SSRF attacks via tracebacks in PloneEcosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
High
Ecosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjOGMtODR3Mi1qMzhq
Improper Restriction of XML External Entity Reference in PloneEcosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
High
Ecosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxNngtZzY4NS13NWYy
Improper Restriction of XML External Entity Reference in PloneEcosystems: pypi
Packages: plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: plone.app.contenttypes, Plone
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: almost 2 years ago
GSA_kwCzR0hTQS13Nmc5LXhjY2MtMzQ3aM4AAjY7
Plone Unauthenticated Write VulnerabilityEcosystems: pypi
Packages: plone.app.contenttypes, Plone
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtMnAtZmh3eC05Mjg1
Incorrect Permission Assignment for Critical Resource in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 3 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1wM3FtLTQ0Y2YtZjhxeM4AAYcH
Plone vulnerable to cross-site request forgeryEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: about 1 year ago
GSA_kwCzR0hTQS00N3A1LXAzanctdzc4d84AAxtz
Server-Side Request Forgery in Plone CMSEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: about 1 year ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1oaG1mLTdyZ2ctZ2N3Nc4AAjY6
Plone SQL Injection VulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjOWctNjdjcS1wN3Y0
Server-Side Request Forgery in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 3 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1jdzU4LWdwZ3ctaHd4Ms4AAjYs
Plone allows weak passwordsEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcWdqLTIyZ3ItNzN2eM4AAb6z
Plone vulnerable to privilege escalation in WebDAVEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
GSA_kwCzR0hTQS01eGZ4LTU1eDQtajIyM84AA4jV
Cross-Frame Scripting vulnerability has been found on Plone CMSEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS04Mmo5LXdmY2YtOXYyaM4AAjYw
Plone Open Redirect VulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcDRjLTI2OTItN2YzN84AAV9s
Plone Cross-site Scripting (XSS) vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1jaHZ3LWdqeGYtZjhtY84AAV9q
Plone vulnerable to Cross-site ScriptingEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone, Products.PluggableAuthService, Products.CMFCore
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1cmctNDY2dy03N2gz
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, PloneEcosystems: pypi
Packages: Plone, Products.PluggableAuthService, Products.CMFCore
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 2 years ago
GSA_kwCzR0hTQS04bWM0LTJ4cmMtZzU4Ms4AAjY8
Plone cross site scripting (XSS)Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqNjctdzNtNC1yZm1w
Cross-site scripting in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtMmgtZjQ1Ni02ajg4
Cross-site scripting in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtcHYtcmNwNi12OHdj
Cross-site scripting in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 2 years ago
GSA_kwCzR0hTQS12NHZqLTQ5bTUtd2pod84AAb6c
Plone vulnerable to unauthorized disclosure of site contentEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1tN2Y5LTY1d3ItcHdjaM4AAV9u
Plone vulnerable to filesystem information leakEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
GSA_kwCzR0hTQS02aDh4LTczZngtcTJoOc4AAb6U
Chameleon in Plone allows Authentication BypassEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtZzQtd3ZteC01MzMy
Server-Side Request Forgery in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 3 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1d3ItdnA4Zy1xNXA0
Plone Sandbox EscapeEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjd20tOGpjMy1xeHZq
Plone Denial of Service vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnYtMnBtcS05ZnZ2
Moderate severity vulnerability that affects Plone and Zope2Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cmYyLTJyY2gtY21yOc4AAePJ
Plone is vulnerable to denial of serviceEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBycjUtcGZyOC1xOWYz
Moderate severity vulnerability that affects PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xanhmLTZwcjgtajg3ds4AAesJ
Plone's authenticated users able to alter their password despite of policy definitionEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00dnI4LXI3cXItZnB2cc4AAeeZ
Plone Privilege escalation through exposed underlying APIEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3aHYtODc5Ni04Y2Nw
HTTP header injection in Plone and Zope2Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zdjI4LTlqanAtNGc1d84AAahz
Plone Privilege Escalation VulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS14ZzVwLTh3ZzUtcmh4bc4AA5yI
Phone information disclosure vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
High
Ecosystems: pypi
Packages: Zope2, Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2aDktaHBjZy1jNmdt
High severity vulnerability that affects Plone and Zope2Ecosystems: pypi
Packages: Zope2, Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cHJyLW1jNTQtYzYycc4AAeNO
Exposure of Sensitive Information in PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03aHhjLW13eDctNWhtY84AAePM
Plone Code Injection vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxcHItN3JtZy03M3Y4
Moderate severity vulnerability that affects Plone and Zope2Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3OXItN2Yzdy04amoz
Moderate severity vulnerability that affects Plone and Zope2Ecosystems: pypi
Packages: Plone, Zope2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Low
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2aHEtYzg5Ni13ODgy
Low severity vulnerability that affects PloneEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone, plone.app.users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxeDgtNTg5ai1nY3B4
Moderate severity vulnerability that affects Plone and plone.app.usersEcosystems: pypi
Packages: Plone, plone.app.users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01NnAzLXJycDQtMmo4Ms4AAWK2
Plone Open Redirection vulnerability via next parameterEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jeHc3LTg1eG0tM3hyY84AAePN
Plone Code Injection vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xajd4LXdtOXEtcWp4OM4AAgL1
Plone Cross-site Scripting vulnerability in PortalTransformsEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS00NmY5LWY4am0tbXcyeM2_OQ
Plone Cross-site Scripting vulnerability in the LiveSearch moduleEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 5
Ecosystems: 12
Packages: 8,294
Repositories: 5
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
50
apache-superset
48
Plone
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
mlflow
31
opencv-python
30
opencv-contrib-python
30
Django
27
moin
23
langchain
18
PaddlePaddle
17
mercurial
17
cobbler
17
pillow
16
nova
15
paddlepaddle
15
notebook
15
cryptography
15
gradio
14
modoboa
14
pyftpdlib
14
keystone
14
pyload-ng
14
neutron
13
OctoPrint
12
vantage6
12
glance
11
calibreweb
11
twisted
11
urllib3
11
aiohttp
11
onionshare-cli
11
trytond
10
wagtail
10
Flask-AppBuilder
10
zope
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ethyca-fides
9
waitress
9
Zope
9
kiwitcms
9
trac
8
numpy
8
python-keystoneclient
8
aubio
8
roundup
8
nautobot
8
label-studio
8
swift
7
jupyter-server
7
pysaml2
7
pgadmin4
7
lief
7
scrapy
7
ipython
7
pip
7
matrix-sydent
7
mailman
6
apache-airflow-providers-apache-hive
6
lxml
6
Zope2
6
sentry
6
tuf
6
web2py
6
horizon
6
graphite-web
6
mindsdb
6
inventree
6
bleach
5
pyspark
5
saleor
5
lmdb
5
ckan
5
requests
5
python-gnupg
5
feedparser
5
whoogle-search
5
Products.CMFPlone
5
paramiko
5
cinder
5
jupyterhub
4
tripleo-heat-templates
4
bottle
4
Radicale
4
aws-iot-device-sdk-v2
4
Pygments
4
reportlab
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
markdown2
4
awsiotsdk
4
nltk
4
starlette
4
nvflare
4
datasette
4
Jinja2
4
ansible-core
4
transformers
4
esphome
4
httpie
4
Flask-Security-Too
4
grpc
4
keylime
4
grpcio
4
oauthenticator
4
FreeTAKServer-UI
4
tornado
4
PyPDF2
4
buildbot
4
pretix
4
werkzeug
4
GitPython
4
omero-web
4
yt-dlp
4
jwcrypto
4
qutebrowser
4
mistune
3
Mezzanine
3
gerapy
3
SQLAlchemy
3
copyparty
3
django-helpdesk
3
Werkzeug
3
dulwich
3
pyyaml
3
sanic
3
flask
3
pandasai
3
mayan-edms
3
barbican
3
aim
3
indy-node
3
protobuf
3
ryu
3
streamlit
3
httplib2
3
sosreport
3
zenml
3
sickrage
3
rsa
3
Weblate
3
ujson
3
openvpn-monitor
3
Keystone
3
pyarrow
3
Products.PluggableAuthService
3
changedetection.io
3
ajenti
3
fava
3
Moin
3
pycrypto
3
mitmproxy
3
keyring
3
io.grpc:grpc-protobuf
3
wger
3
apache-libcloud
3
ecdsa
3
plone.app.event
3
plone.app.theming
3
plone.app.dexterity
3
plone.supermodel
3
sqlparse
3
homeassistant
3
onnx
3
asyncua
3
torchserve
3
ansible-runner
3
localstack
3
poetry
3
bitlyshortener
3
indico
3
octavia
3
slixmpp
3
jupyterlab
3
clearml
3
docassemble.webapp
3
apache-iotdb
3
asyncssh
3
quokka
3
pywasm3
3
apache-airflow-providers-apache-spark
3
ray
3
python-jose
3
pymatgen
2
pyxdg
2
openapi-python-client
2
wagtail-2fa
2
zope2
2
py
2
ctx
2