CVE-2011-2528 – zope2

Package

Manager: pip
Name: zope2
Vulnerable Version: >=2.12.0 <2.12.19 || >=2.13.0 <2.13.8

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

EPSS: 0.00593 pctl0.68317

Details

High severity vulnerability that affects Plone and Zope2 Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.

Metadata

Created: 2018-07-23T19:52:02Z
Modified: 2024-11-26T15:51:27Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-p6h9-hpcg-c6gm/GHSA-p6h9-hpcg-c6gm.json
CWE IDs: []
Alternative ID: GHSA-p6h9-hpcg-c6gm
Finding: F159
Auto approve: 1