| 0 |
| url |
VCID-311f-xecp-47fm |
| vulnerability_id |
VCID-311f-xecp-47fm |
| summary |
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.16 |
| purl |
pkg:pypi/plone@4.3.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 6 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 7 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 12 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 13 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 14 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 15 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 16 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 17 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 18 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 19 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16 |
|
| 1 |
| url |
pkg:pypi/plone@5.1.0 |
| purl |
pkg:pypi/plone@5.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 6 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 7 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 12 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 13 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 14 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 15 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 16 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 17 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0 |
|
|
| aliases |
CVE-2017-1000483, GHSA-qc57-h2f7-p4hx, PYSEC-2018-72
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-311f-xecp-47fm |
|
| 1 |
| url |
VCID-31m2-mwzq-judc |
| vulnerability_id |
VCID-31m2-mwzq-judc |
| summary |
mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4198, GHSA-qjxf-6pr8-j87v, PYSEC-2014-62
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-31m2-mwzq-judc |
|
| 2 |
| url |
VCID-36xh-ua3s-gyfr |
| vulnerability_id |
VCID-36xh-ua3s-gyfr |
| summary |
Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role). |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@5.2.3 |
| purl |
pkg:pypi/plone@5.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 1 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 2 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 3 |
| vulnerability |
VCID-ccuu-86vs-s3gs |
|
| 4 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 5 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 6 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 7 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 8 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 9 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 10 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3 |
|
|
| aliases |
CVE-2020-28736, GHSA-2c8c-84w2-j38j, PYSEC-2020-248
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-36xh-ua3s-gyfr |
|
| 3 |
| url |
VCID-3n34-5rm7-nbcj |
| vulnerability_id |
VCID-3n34-5rm7-nbcj |
| summary |
Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-4mg4-wvmx-5332 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-4mg4-wvmx-5332 |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33510, GHSA-4mg4-wvmx-5332, PYSEC-2021-82
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3n34-5rm7-nbcj |
|
| 4 |
| url |
VCID-3uw2-j3r6-77ch |
| vulnerability_id |
VCID-3uw2-j3r6-77ch |
| summary |
Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "{u,}translate." |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5494, GHSA-3g6w-4m7x-97v6, PYSEC-2014-36
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3uw2-j3r6-77ch |
|
| 5 |
| url |
VCID-3v6x-b2g3-fyhq |
| vulnerability_id |
VCID-3v6x-b2g3-fyhq |
| summary |
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5491, GHSA-f8pg-wp5j-rjxx, PYSEC-2014-33
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3v6x-b2g3-fyhq |
|
| 6 |
| url |
VCID-43m1-jkv8-jygp |
| vulnerability_id |
VCID-43m1-jkv8-jygp |
| summary |
A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.16 |
| purl |
pkg:pypi/plone@4.3.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 6 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 7 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 12 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 13 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 14 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 15 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 16 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 17 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 18 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 19 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16 |
|
| 1 |
| url |
pkg:pypi/plone@5.1.0 |
| purl |
pkg:pypi/plone@5.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 6 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 7 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 12 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 13 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 14 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 15 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 16 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 17 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0 |
|
|
| aliases |
CVE-2017-1000482, GHSA-859j-668v-mrr6, PYSEC-2018-71
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-43m1-jkv8-jygp |
|
| 7 |
| url |
VCID-46az-51p2-yfdf |
| vulnerability_id |
VCID-46az-51p2-yfdf |
| summary |
gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
6.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5493, GHSA-25jh-5h5r-h33m, PYSEC-2014-35
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-46az-51p2-yfdf |
|
| 8 |
| url |
VCID-4hzn-mj8g-37ew |
| vulnerability_id |
VCID-4hzn-mj8g-37ew |
| summary |
Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5504, GHSA-5whw-5cmm-9jw4, PYSEC-2014-46
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4hzn-mj8g-37ew |
|
| 9 |
| url |
VCID-4xdg-1sku-17cd |
| vulnerability_id |
VCID-4xdg-1sku-17cd |
| summary |
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
| reference_url |
https://github.com/advisories/GHSA-p7h9-vf92-5fj5 |
| reference_id |
GHSA-p7h9-vf92-5fj5 |
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-p7h9-vf92-5fj5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
|
| aliases |
CVE-2011-1948, GHSA-p7h9-vf92-5fj5, PYSEC-2011-14
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4xdg-1sku-17cd |
|
| 10 |
| url |
VCID-4ym2-39bg-dbga |
| vulnerability_id |
VCID-4ym2-39bg-dbga |
| summary |
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5486, GHSA-77hv-8796-8ccp, PYSEC-2014-28, PYSEC-2014-73
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4ym2-39bg-dbga |
|
| 11 |
| url |
VCID-5bnw-ktd3-8qeb |
| vulnerability_id |
VCID-5bnw-ktd3-8qeb |
| summary |
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/plone/plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/plone |
|
| 6 |
|
| 7 |
| reference_url |
http://www.kb.cert.org/vuls/id/903934 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://www.kb.cert.org/vuls/id/903934 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.4 |
| purl |
pkg:pypi/plone@4.1.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 11 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 12 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 13 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 14 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 15 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 16 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 17 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 18 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 19 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 20 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 21 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 22 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 23 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 24 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 25 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 26 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 27 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 28 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 29 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 30 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 31 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 32 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 33 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 34 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 35 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 36 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 37 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 38 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 39 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 40 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 41 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 42 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 43 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 44 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 45 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 46 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 47 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 48 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 49 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 50 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 51 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 52 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 53 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 54 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 55 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.4 |
|
|
| aliases |
CVE-2011-4462, GHSA-pcwm-8jc3-qxvj, PYSEC-2011-22
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5bnw-ktd3-8qeb |
|
| 12 |
| url |
VCID-5e2c-6mkx-4udu |
| vulnerability_id |
VCID-5e2c-6mkx-4udu |
| summary |
Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33511, GHSA-gc9g-67cq-p7v4, PYSEC-2021-83
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2c-6mkx-4udu |
|
| 13 |
| url |
VCID-5tbn-qmuj-jya9 |
| vulnerability_id |
VCID-5tbn-qmuj-jya9 |
| summary |
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://www.exploit-db.com/exploits/38411 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://www.exploit-db.com/exploits/38411 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@5.0a1 |
| purl |
pkg:pypi/plone@5.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 12 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 13 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 14 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 15 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 16 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 17 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 18 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 19 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 20 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 21 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 22 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 23 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 24 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1 |
|
|
| aliases |
CVE-2015-7293, GHSA-p3qm-44cf-f8qx, PYSEC-2017-51
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5tbn-qmuj-jya9 |
|
| 14 |
| url |
VCID-5z33-3pqj-gygw |
| vulnerability_id |
VCID-5z33-3pqj-gygw |
| summary |
Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@5.2.3 |
| purl |
pkg:pypi/plone@5.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 1 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 2 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 3 |
| vulnerability |
VCID-ccuu-86vs-s3gs |
|
| 4 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 5 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 6 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 7 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 8 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 9 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 10 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3 |
|
|
| aliases |
CVE-2020-28734, GHSA-wq6x-g685-w5f2, PYSEC-2020-246
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5z33-3pqj-gygw |
|
| 15 |
| url |
VCID-6898-z4k5-h3b6 |
| vulnerability_id |
VCID-6898-z4k5-h3b6 |
| summary |
Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7140. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.12 |
| purl |
pkg:pypi/plone@4.3.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 12 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 13 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 14 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 15 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 16 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 17 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 18 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 19 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 20 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 21 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 22 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12 |
|
| 1 |
| url |
pkg:pypi/plone@5.0.7 |
| purl |
pkg:pypi/plone@5.0.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 8 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 9 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 12 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 13 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 14 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 15 |
| vulnerability |
VCID-jn3b-smfx-87gg |
|
| 16 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 17 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 18 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 19 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 20 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 21 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 22 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 23 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 24 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7 |
|
|
| aliases |
CVE-2016-7147, GHSA-84jm-cpc5-c7g7, PYSEC-2017-64
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6898-z4k5-h3b6 |
|
| 16 |
| url |
VCID-6rsz-krhe-q3gz |
| vulnerability_id |
VCID-6rsz-krhe-q3gz |
| summary |
ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read hidden folder contents via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5503, GHSA-prr5-pfr8-q9f3, PYSEC-2014-45
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6rsz-krhe-q3gz |
|
| 17 |
| url |
VCID-7mc8-x346-eyaq |
| vulnerability_id |
VCID-7mc8-x346-eyaq |
| summary |
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
8.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
8.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4193, GHSA-6fgf-x7wg-hp8r, PYSEC-2014-57
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7mc8-x346-eyaq |
|
| 18 |
| url |
VCID-83xg-a5v4-4bcw |
| vulnerability_id |
VCID-83xg-a5v4-4bcw |
| summary |
(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed). |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L |
|
| 1 |
| value |
2.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L |
|
| 1 |
| value |
2.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4199, GHSA-xfjq-9rxq-ph6m, PYSEC-2014-63
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-83xg-a5v4-4bcw |
|
| 19 |
| url |
VCID-8gk5-28z6-7bcf |
| vulnerability_id |
VCID-8gk5-28z6-7bcf |
| summary |
atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5505, GHSA-cq5g-924m-7fxh, PYSEC-2014-47
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8gk5-28z6-7bcf |
|
| 20 |
| url |
VCID-8j8e-z731-7fbz |
| vulnerability_id |
VCID-8j8e-z731-7fbz |
| summary |
Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5490, GHSA-q46g-v7r4-9vhr, PYSEC-2014-32
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8j8e-z731-7fbz |
|
| 21 |
| url |
VCID-8md9-zymx-w7cn |
| vulnerability_id |
VCID-8md9-zymx-w7cn |
| summary |
membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5497, GHSA-683w-84m7-p8pw, PYSEC-2014-39
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8md9-zymx-w7cn |
|
| 22 |
| url |
VCID-8r52-vc7e-f3bc |
| vulnerability_id |
VCID-8r52-vc7e-f3bc |
| summary |
zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4191, GHSA-grwx-4p5v-9g2g, PYSEC-2014-55
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8r52-vc7e-f3bc |
|
| 23 |
| url |
VCID-99bf-ybqh-dfad |
| vulnerability_id |
VCID-99bf-ybqh-dfad |
| summary |
The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/plone/plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5500, GHSA-2q75-f7cp-w86q, PYSEC-2014-42
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-99bf-ybqh-dfad |
|
| 24 |
| url |
VCID-9ze6-mfrw-ukdv |
| vulnerability_id |
VCID-9ze6-mfrw-ukdv |
| summary |
Plone through 5.2.4 allows XSS via the inline_diff methods in Products.CMFDiffTool. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-fj67-w3m4-rfmp |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-fj67-w3m4-rfmp |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33513, GHSA-fj67-w3m4-rfmp, PYSEC-2021-85
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ze6-mfrw-ukdv |
|
| 25 |
| url |
VCID-a628-5uyk-w3ca |
| vulnerability_id |
VCID-a628-5uyk-w3ca |
| summary |
Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4189, GHSA-pwpq-632g-h49g, PYSEC-2014-53
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a628-5uyk-w3ca |
|
| 26 |
| url |
VCID-a67e-svcb-ekhc |
| vulnerability_id |
VCID-a67e-svcb-ekhc |
| summary |
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.3 |
| purl |
pkg:pypi/plone@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 15 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 16 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 17 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 18 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 19 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 22 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 23 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 24 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 25 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 26 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 27 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 28 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 29 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3 |
|
|
| aliases |
CVE-2013-7061, GHSA-4vr8-r7qr-fpvq, PYSEC-2014-66, PYSEC-2014-68
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a67e-svcb-ekhc |
|
| 27 |
| url |
VCID-bj9p-4wzt-47cf |
| vulnerability_id |
VCID-bj9p-4wzt-47cf |
| summary |
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4200, GHSA-56p3-rrp4-2j82, PYSEC-2014-64
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bj9p-4wzt-47cf |
|
| 28 |
| url |
VCID-ch1t-qmtc-xqfx |
| vulnerability_id |
VCID-ch1t-qmtc-xqfx |
| summary |
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5492, GHSA-6w93-4c4p-xv2x, PYSEC-2014-34
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ch1t-qmtc-xqfx |
|
| 29 |
| url |
VCID-d68e-uehc-nudc |
| vulnerability_id |
VCID-d68e-uehc-nudc |
| summary |
Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-hm2p-fhwx-9285 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
CRITICAL |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
9.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
|
| 3 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-hm2p-fhwx-9285 |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
9.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33509, GHSA-hm2p-fhwx-9285, PYSEC-2021-81
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d68e-uehc-nudc |
|
| 30 |
| url |
VCID-f2hn-g67h-kfgk |
| vulnerability_id |
VCID-f2hn-g67h-kfgk |
| summary |
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors. |
| references |
| 0 |
| reference_url |
http://osvdb.org/70753 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://osvdb.org/70753 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.0.1 |
| purl |
pkg:pypi/plone@4.0.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 5 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 8 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 9 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 10 |
| vulnerability |
VCID-4xdg-1sku-17cd |
|
| 11 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 12 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 13 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 14 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 15 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 16 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 17 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 18 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 19 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 20 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 21 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 22 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 23 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 24 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 25 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 26 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 27 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 28 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 29 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 30 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 31 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 32 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 33 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 34 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 35 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 36 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 37 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 38 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 39 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 40 |
| vulnerability |
VCID-kmd1-vu9u-d7g4 |
|
| 41 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 42 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 43 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 44 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 45 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 46 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 47 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 48 |
| vulnerability |
VCID-qkv2-qpe2-97cx |
|
| 49 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 50 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 51 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 52 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 53 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 54 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 55 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 56 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 57 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 58 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 59 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 60 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 61 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 62 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 63 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 64 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 65 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 66 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 67 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 68 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 69 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 70 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 71 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 72 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.0.4 |
| purl |
pkg:pypi/plone@4.0.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 5 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 8 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 9 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 10 |
| vulnerability |
VCID-4xdg-1sku-17cd |
|
| 11 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 12 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 13 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 14 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 15 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 16 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 17 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 18 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 19 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 20 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 21 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 22 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 23 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 24 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 25 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 26 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 27 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 28 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 29 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 30 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 31 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 32 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 33 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 34 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 35 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 36 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 37 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 38 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 39 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 40 |
| vulnerability |
VCID-kmd1-vu9u-d7g4 |
|
| 41 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 42 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 43 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 44 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 45 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 46 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 47 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 48 |
| vulnerability |
VCID-qkv2-qpe2-97cx |
|
| 49 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 50 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 51 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 52 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 53 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 54 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 55 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 56 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 57 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 58 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 59 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 60 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 61 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 62 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 63 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 64 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 65 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 66 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 67 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 68 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 69 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 70 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 71 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 72 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.4 |
|
|
| aliases |
CVE-2011-0720, GHSA-3v28-9jjp-4g5w, PYSEC-2011-13
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f2hn-g67h-kfgk |
|
| 31 |
| url |
VCID-fd6y-2fcd-jbck |
| vulnerability_id |
VCID-fd6y-2fcd-jbck |
| summary |
traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources." |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
5.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
5.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4188, GHSA-w3pw-qxjj-6prr, PYSEC-2014-52
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fd6y-2fcd-jbck |
|
| 32 |
| url |
VCID-fga8-ymex-67fw |
| vulnerability_id |
VCID-fga8-ymex-67fw |
| summary |
By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the attacker could more easily link directly to his own website instead. But in combination with another attack, you could be sent to the Plone login form and login, then get redirected to the specific url, and then get a second redirect to the attacker website. (The specific url can be seen by inspecting the hotfix code, but we don't want to make it too easy for attackers by spelling it out here.) |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-xvwv-6wvx-px9x |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-xvwv-6wvx-px9x |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.16 |
| purl |
pkg:pypi/plone@4.3.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 6 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 7 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 12 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 13 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 14 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 15 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 16 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 17 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 18 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 19 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16 |
|
| 1 |
| url |
pkg:pypi/plone@5.1.0 |
| purl |
pkg:pypi/plone@5.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 6 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 7 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 12 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 13 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 14 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 15 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 16 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 17 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0 |
|
|
| aliases |
CVE-2017-1000484, GHSA-xvwv-6wvx-px9x, PYSEC-2018-73
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fga8-ymex-67fw |
|
| 33 |
| url |
VCID-gsnt-c1cd-d3bf |
| vulnerability_id |
VCID-gsnt-c1cd-d3bf |
| summary |
Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.10 |
| purl |
pkg:pypi/plone@4.3.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 20 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.10 |
|
| 1 |
| url |
pkg:pypi/plone@5.0.5 |
| purl |
pkg:pypi/plone@5.0.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 15 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 16 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 17 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 18 |
| vulnerability |
VCID-jn3b-smfx-87gg |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 22 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 23 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 24 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 25 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 26 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 27 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 28 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 29 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 32 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.5 |
|
| 2 |
| url |
pkg:pypi/plone@5.1a2 |
| purl |
pkg:pypi/plone@5.1a2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 8 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 9 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 12 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 13 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 14 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 15 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 16 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 17 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 18 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 19 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 20 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 21 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 22 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1a2 |
|
|
| aliases |
CVE-2016-4042, GHSA-v4vj-49m5-wjhw, PYSEC-2017-56
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gsnt-c1cd-d3bf |
|
| 34 |
| url |
VCID-hzgj-wca9-z3d1 |
| vulnerability_id |
VCID-hzgj-wca9-z3d1 |
| summary |
queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5498, GHSA-97rj-p794-wq6m, PYSEC-2014-40
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hzgj-wca9-z3d1 |
|
| 35 |
| url |
VCID-jhc2-yux7-vybj |
| vulnerability_id |
VCID-jhc2-yux7-vybj |
| summary |
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "go_back." |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5495, GHSA-w6pw-5gh5-4952, PYSEC-2014-37
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jhc2-yux7-vybj |
|
| 36 |
| url |
VCID-k34d-p9vb-g7by |
| vulnerability_id |
VCID-k34d-p9vb-g7by |
| summary |
The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5508, GHSA-wprr-mc54-c62q, PYSEC-2014-50
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k34d-p9vb-g7by |
|
| 37 |
| url |
VCID-kak6-5sps-z3da |
| vulnerability_id |
VCID-kak6-5sps-z3da |
| summary |
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5488, GHSA-cxw7-85xm-3xrc, PYSEC-2014-30
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kak6-5sps-z3da |
|
| 38 |
| url |
VCID-kmd1-vu9u-d7g4 |
| vulnerability_id |
VCID-kmd1-vu9u-d7g4 |
| summary |
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.0.6 |
| purl |
pkg:pypi/plone@4.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 5 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 8 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 9 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 10 |
| vulnerability |
VCID-4xdg-1sku-17cd |
|
| 11 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 12 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 13 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 14 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 15 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 16 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 17 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 18 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 19 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 20 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 21 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 22 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 23 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 24 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 25 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 26 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 27 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 28 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 29 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 30 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 31 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 32 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 33 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 34 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 35 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 36 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 37 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 38 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 39 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 40 |
| vulnerability |
VCID-kmd1-vu9u-d7g4 |
|
| 41 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 42 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 43 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 44 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 45 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 46 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 47 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 48 |
| vulnerability |
VCID-qkv2-qpe2-97cx |
|
| 49 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 50 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 51 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 52 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 53 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 54 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 55 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 56 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 57 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 58 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 59 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 60 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 61 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 62 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 63 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 64 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 65 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 66 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 67 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 68 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 69 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 70 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 71 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 72 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6 |
|
| 1 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
|
| aliases |
CVE-2011-1950, GHSA-2qx8-589j-gcpx, PYSEC-2011-16
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kmd1-vu9u-d7g4 |
|
| 39 |
| url |
VCID-kvvr-zc1s-akhn |
| vulnerability_id |
VCID-kvvr-zc1s-akhn |
| summary |
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
6.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5487, GHSA-9m4g-f42q-vrrh, PYSEC-2014-29
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kvvr-zc1s-akhn |
|
| 40 |
| url |
VCID-mgpa-1taj-pycj |
| vulnerability_id |
VCID-mgpa-1taj-pycj |
| summary |
at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5501, GHSA-pvhv-qwc8-r2pg, PYSEC-2014-43
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mgpa-1taj-pycj |
|
| 41 |
| url |
VCID-pncb-4m8u-hbaw |
| vulnerability_id |
VCID-pncb-4m8u-hbaw |
| summary |
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5507, GHSA-3qpr-7rmg-73v8, PYSEC-2014-49, PYSEC-2014-75
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pncb-4m8u-hbaw |
|
| 42 |
| url |
VCID-pv2n-2y41-pbg5 |
| vulnerability_id |
VCID-pv2n-2y41-pbg5 |
| summary |
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-35rg-466w-77h3 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-35rg-466w-77h3 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33507, GHSA-35rg-466w-77h3, PYSEC-2021-79
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pv2n-2y41-pbg5 |
|
| 43 |
| url |
VCID-qkv2-qpe2-97cx |
| vulnerability_id |
VCID-qkv2-qpe2-97cx |
| summary |
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://github.com/advisories/GHSA-h6hq-c896-w882 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-h6hq-c896-w882 |
|
| 8 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.0.6 |
| purl |
pkg:pypi/plone@4.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 5 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 8 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 9 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 10 |
| vulnerability |
VCID-4xdg-1sku-17cd |
|
| 11 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 12 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 13 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 14 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 15 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 16 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 17 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 18 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 19 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 20 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 21 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 22 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 23 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 24 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 25 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 26 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 27 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 28 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 29 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 30 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 31 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 32 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 33 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 34 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 35 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 36 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 37 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 38 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 39 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 40 |
| vulnerability |
VCID-kmd1-vu9u-d7g4 |
|
| 41 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 42 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 43 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 44 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 45 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 46 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 47 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 48 |
| vulnerability |
VCID-qkv2-qpe2-97cx |
|
| 49 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 50 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 51 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 52 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 53 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 54 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 55 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 56 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 57 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 58 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 59 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 60 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 61 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 62 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 63 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 64 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 65 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 66 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 67 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 68 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 69 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 70 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 71 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 72 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6 |
|
| 1 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
|
| aliases |
CVE-2011-1949, GHSA-h6hq-c896-w882, PYSEC-2011-15
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qkv2-qpe2-97cx |
|
| 44 |
| url |
VCID-qskf-bt81-5bbe |
| vulnerability_id |
VCID-qskf-bt81-5bbe |
| summary |
The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4196, GHSA-qphh-5fv5-2mjj, PYSEC-2014-60
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qskf-bt81-5bbe |
|
| 45 |
| url |
VCID-r874-3h26-j3fp |
| vulnerability_id |
VCID-r874-3h26-j3fp |
| summary |
Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-rmpv-rcp6-v8wc |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-rmpv-rcp6-v8wc |
|
| 2 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-33508, GHSA-rmpv-rcp6-v8wc, PYSEC-2021-80
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r874-3h26-j3fp |
|
| 46 |
| url |
VCID-rn4s-px1y-7fbc |
| vulnerability_id |
VCID-rn4s-px1y-7fbc |
| summary |
The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4194, GHSA-mm32-jw73-9227, PYSEC-2014-58
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rn4s-px1y-7fbc |
|
| 47 |
| url |
VCID-sa7x-wvn1-skh1 |
| vulnerability_id |
VCID-sa7x-wvn1-skh1 |
| summary |
Plone CMS until version 5.2.4 has a stored Cross-Site Scripting (XSS) vulnerability in the user fullname property and the file upload functionality. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScript in the context of the victim's browser if the victim opens a vulnerable page containing an XSS payload. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
| reference_url |
https://plone.org/download/releases/5.2.3 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://plone.org/download/releases/5.2.3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@5.2.4 |
| purl |
pkg:pypi/plone@5.2.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 1 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 2 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 3 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 4 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 5 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 6 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 7 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 8 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 9 |
| vulnerability |
VCID-va5s-rj6t-53a4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4 |
|
|
| aliases |
CVE-2021-3313, GHSA-hprr-4vfq-fcxw, PYSEC-2021-78
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sa7x-wvn1-skh1 |
|
| 48 |
| url |
VCID-scgs-bz44-ebfk |
| vulnerability_id |
VCID-scgs-bz44-ebfk |
| summary |
Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2). |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-6661, GHSA-48vv-2pmq-9fvv, PYSEC-2014-51, PYSEC-2014-76
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-scgs-bz44-ebfk |
|
| 49 |
| url |
VCID-swq8-17qu-vyfw |
| vulnerability_id |
VCID-swq8-17qu-vyfw |
| summary |
Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
2.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
2.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4195, GHSA-j67j-8hrp-76xm, PYSEC-2014-59
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-swq8-17qu-vyfw |
|
| 50 |
|
| 51 |
| url |
VCID-u1hz-5a2a-ybac |
| vulnerability_id |
VCID-u1hz-5a2a-ybac |
| summary |
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5499, GHSA-wrf2-2rch-cmr9, PYSEC-2014-41
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u1hz-5a2a-ybac |
|
| 52 |
| url |
VCID-uduq-ujbb-6qd2 |
| vulnerability_id |
VCID-uduq-ujbb-6qd2 |
| summary |
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5506, GHSA-79hj-474h-v4xv, PYSEC-2014-48
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uduq-ujbb-6qd2 |
|
| 53 |
| url |
VCID-ugq4-1vzc-6uh5 |
| vulnerability_id |
VCID-ugq4-1vzc-6uh5 |
| summary |
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/advisories/GHSA-p5wr-vp8g-q5p4 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-p5wr-vp8g-q5p4 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
http://www.securityfocus.com/bid/95679 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://www.securityfocus.com/bid/95679 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.12 |
| purl |
pkg:pypi/plone@4.3.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 12 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 13 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 14 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 15 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 16 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 17 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 18 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 19 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 20 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 21 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 22 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12 |
|
| 1 |
| url |
pkg:pypi/plone@5.0.7 |
| purl |
pkg:pypi/plone@5.0.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 8 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 9 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 12 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 13 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 14 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 15 |
| vulnerability |
VCID-jn3b-smfx-87gg |
|
| 16 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 17 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 18 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 19 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 20 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 21 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 22 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 23 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 24 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7 |
|
| 2 |
| url |
pkg:pypi/plone@5.1b1 |
| purl |
pkg:pypi/plone@5.1b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 8 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 9 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 10 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 11 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 12 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 13 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 14 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 15 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 16 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 17 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 18 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 19 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 20 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 21 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1b1 |
|
|
| aliases |
CVE-2017-5524, GHSA-p5wr-vp8g-q5p4, PYSEC-2017-81
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ugq4-1vzc-6uh5 |
|
| 54 |
| url |
VCID-uv7n-awe5-2fav |
| vulnerability_id |
VCID-uv7n-awe5-2fav |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4190, GHSA-89rq-27xp-vgv7, PYSEC-2014-54
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uv7n-awe5-2fav |
|
| 55 |
| url |
VCID-vc1v-xsbc-kff1 |
| vulnerability_id |
VCID-vc1v-xsbc-kff1 |
| summary |
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 2.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5489, GHSA-879r-7f3w-8jj3, PYSEC-2014-31, PYSEC-2014-74
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vc1v-xsbc-kff1 |
|
| 56 |
| url |
VCID-w2u3-bnqq-mqfz |
| vulnerability_id |
VCID-w2u3-bnqq-mqfz |
| summary |
User information disclosure
A vulnerability allows unauthorized disclosure of registered user information. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.8 |
| purl |
pkg:pypi/plone@4.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 20 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.8 |
|
| 1 |
| url |
pkg:pypi/plone@5.0.1 |
| purl |
pkg:pypi/plone@5.0.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 15 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 16 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 17 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 18 |
| vulnerability |
VCID-jn3b-smfx-87gg |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 22 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 23 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 24 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 25 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 26 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 27 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 28 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 29 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 32 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.1 |
|
|
| aliases |
GMS-2015-51
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w2u3-bnqq-mqfz |
|
| 57 |
| url |
VCID-xa5e-bbcv-byg9 |
| vulnerability_id |
VCID-xa5e-bbcv-byg9 |
| summary |
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.3 |
| purl |
pkg:pypi/plone@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 15 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 16 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 17 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 18 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 19 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 22 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 23 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 24 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 25 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 26 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 27 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 28 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 29 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3 |
|
|
| aliases |
CVE-2013-7060, GHSA-rg52-j87w-pf83, PYSEC-2014-65, PYSEC-2014-67
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xa5e-bbcv-byg9 |
|
| 58 |
| url |
VCID-xksv-mub7-dyck |
| vulnerability_id |
VCID-xksv-mub7-dyck |
| summary |
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5485, GHSA-7hxc-mwx7-5hmc, PYSEC-2014-27
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xksv-mub7-dyck |
|
| 59 |
| url |
VCID-xpjk-k6tj-2uba |
| vulnerability_id |
VCID-xpjk-k6tj-2uba |
| summary |
Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.2.3 |
| purl |
pkg:pypi/plone@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-31m2-mwzq-judc |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 7 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 8 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 9 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 10 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 11 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 12 |
| vulnerability |
VCID-7mc8-x346-eyaq |
|
| 13 |
| vulnerability |
VCID-83xg-a5v4-4bcw |
|
| 14 |
| vulnerability |
VCID-8r52-vc7e-f3bc |
|
| 15 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 16 |
| vulnerability |
VCID-a628-5uyk-w3ca |
|
| 17 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 18 |
| vulnerability |
VCID-bj9p-4wzt-47cf |
|
| 19 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 20 |
| vulnerability |
VCID-fd6y-2fcd-jbck |
|
| 21 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 22 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 23 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 24 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 25 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 26 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 27 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 28 |
| vulnerability |
VCID-qskf-bt81-5bbe |
|
| 29 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 30 |
| vulnerability |
VCID-rn4s-px1y-7fbc |
|
| 31 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 32 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 33 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 34 |
| vulnerability |
VCID-swq8-17qu-vyfw |
|
| 35 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 36 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 37 |
| vulnerability |
VCID-uv7n-awe5-2fav |
|
| 38 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 39 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 40 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 41 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 42 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 43 |
| vulnerability |
VCID-ykg2-qbyr-ayd5 |
|
| 44 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 45 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
| 46 |
| vulnerability |
VCID-zf51-58kf-43bf |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3 |
|
| 1 |
| url |
pkg:pypi/plone@4.3b1 |
| purl |
pkg:pypi/plone@4.3b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 6 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 7 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 8 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 9 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 10 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 11 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 12 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 13 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 14 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 15 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 16 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 17 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 18 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 19 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 20 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 21 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 22 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 23 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 24 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 25 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 26 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 27 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 28 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 29 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 30 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1 |
|
|
| aliases |
CVE-2012-5502, GHSA-hr59-35cr-qf43, PYSEC-2014-44
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xpjk-k6tj-2uba |
|
| 60 |
| url |
VCID-y2bq-cb4v-mke6 |
| vulnerability_id |
VCID-y2bq-cb4v-mke6 |
| summary |
When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.3.16 |
| purl |
pkg:pypi/plone@4.3.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 6 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 7 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 12 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 13 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 14 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 15 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 16 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 17 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 18 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 19 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16 |
|
| 1 |
| url |
pkg:pypi/plone@5.1.0 |
| purl |
pkg:pypi/plone@5.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 4 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 5 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 6 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 7 |
| vulnerability |
VCID-c3we-w4qc-6fhs |
|
| 8 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 9 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 10 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 11 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 12 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 13 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 14 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 15 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 16 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 17 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0 |
|
|
| aliases |
CVE-2017-1000481, GHSA-8g72-gq68-6gqh, PYSEC-2018-70
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y2bq-cb4v-mke6 |
|
| 61 |
| url |
VCID-ykg2-qbyr-ayd5 |
| vulnerability_id |
VCID-ykg2-qbyr-ayd5 |
| summary |
member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
|
| 1 |
| value |
7.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
|
| 1 |
| value |
7.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4197, GHSA-jjvw-3h9j-p7jf, PYSEC-2014-61
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ykg2-qbyr-ayd5 |
|
| 62 |
| url |
VCID-z8kt-tf38-eqgc |
| vulnerability_id |
VCID-z8kt-tf38-eqgc |
| summary |
Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role). |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@5.2.3 |
| purl |
pkg:pypi/plone@5.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 1 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 2 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 3 |
| vulnerability |
VCID-ccuu-86vs-s3gs |
|
| 4 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 5 |
| vulnerability |
VCID-dnu9-u6zt-c7ch |
|
| 6 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 7 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 8 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 9 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 10 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3 |
|
|
| aliases |
CVE-2020-28735, GHSA-x7wf-5mjc-6x76, PYSEC-2020-247
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z8kt-tf38-eqgc |
|
| 63 |
| url |
VCID-zf51-58kf-43bf |
| vulnerability_id |
VCID-zf51-58kf-43bf |
| summary |
sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
http://seclists.org/oss-sec/2013/q3/261 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
http://seclists.org/oss-sec/2013/q3/261 |
|
| 5 |
| reference_url |
https://github.com/plone/Plone |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/plone/Plone |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/plone@4.1.1 |
| purl |
pkg:pypi/plone@4.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 2 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 3 |
| vulnerability |
VCID-3uw2-j3r6-77ch |
|
| 4 |
| vulnerability |
VCID-3v6x-b2g3-fyhq |
|
| 5 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 6 |
| vulnerability |
VCID-46az-51p2-yfdf |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-4hzn-mj8g-37ew |
|
| 9 |
| vulnerability |
VCID-4ym2-39bg-dbga |
|
| 10 |
| vulnerability |
VCID-5bnw-ktd3-8qeb |
|
| 11 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 12 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 13 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 14 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 15 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 16 |
| vulnerability |
VCID-6rsz-krhe-q3gz |
|
| 17 |
| vulnerability |
VCID-8gk5-28z6-7bcf |
|
| 18 |
| vulnerability |
VCID-8j8e-z731-7fbz |
|
| 19 |
| vulnerability |
VCID-8md9-zymx-w7cn |
|
| 20 |
| vulnerability |
VCID-99bf-ybqh-dfad |
|
| 21 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 22 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 23 |
| vulnerability |
VCID-ch1t-qmtc-xqfx |
|
| 24 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 25 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 26 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 27 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 28 |
| vulnerability |
VCID-hzgj-wca9-z3d1 |
|
| 29 |
| vulnerability |
VCID-jhc2-yux7-vybj |
|
| 30 |
| vulnerability |
VCID-k34d-p9vb-g7by |
|
| 31 |
| vulnerability |
VCID-kak6-5sps-z3da |
|
| 32 |
| vulnerability |
VCID-kvvr-zc1s-akhn |
|
| 33 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 34 |
| vulnerability |
VCID-mgpa-1taj-pycj |
|
| 35 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 36 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 37 |
| vulnerability |
VCID-pncb-4m8u-hbaw |
|
| 38 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 39 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 40 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 41 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 42 |
| vulnerability |
VCID-scgs-bz44-ebfk |
|
| 43 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 44 |
| vulnerability |
VCID-u1hz-5a2a-ybac |
|
| 45 |
| vulnerability |
VCID-uduq-ujbb-6qd2 |
|
| 46 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 47 |
| vulnerability |
VCID-vc1v-xsbc-kff1 |
|
| 48 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 49 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 50 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 51 |
| vulnerability |
VCID-xksv-mub7-dyck |
|
| 52 |
| vulnerability |
VCID-xpjk-k6tj-2uba |
|
| 53 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 54 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 55 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 56 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1 |
|
| 1 |
| url |
pkg:pypi/plone@4.2.6 |
| purl |
pkg:pypi/plone@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 1 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 2 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 3 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 4 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 5 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 6 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 7 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 8 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 9 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 10 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 11 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 12 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 13 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 14 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 15 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 16 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 17 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 18 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 19 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 20 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 21 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 22 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 23 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 24 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 25 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 26 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 27 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 28 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 29 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 30 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 31 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 32 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 33 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6 |
|
| 2 |
| url |
pkg:pypi/plone@4.3.2 |
| purl |
pkg:pypi/plone@4.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2jxf-hfxq-skg7 |
|
| 1 |
| vulnerability |
VCID-311f-xecp-47fm |
|
| 2 |
| vulnerability |
VCID-36rb-6jkw-j7d8 |
|
| 3 |
| vulnerability |
VCID-36xh-ua3s-gyfr |
|
| 4 |
| vulnerability |
VCID-3n34-5rm7-nbcj |
|
| 5 |
| vulnerability |
VCID-3s9q-6gvu-qyef |
|
| 6 |
| vulnerability |
VCID-43m1-jkv8-jygp |
|
| 7 |
| vulnerability |
VCID-4bjr-mjug-gqd2 |
|
| 8 |
| vulnerability |
VCID-5e2c-6mkx-4udu |
|
| 9 |
| vulnerability |
VCID-5kaj-zugj-mbh1 |
|
| 10 |
| vulnerability |
VCID-5tbn-qmuj-jya9 |
|
| 11 |
| vulnerability |
VCID-5z33-3pqj-gygw |
|
| 12 |
| vulnerability |
VCID-6898-z4k5-h3b6 |
|
| 13 |
| vulnerability |
VCID-9ze6-mfrw-ukdv |
|
| 14 |
| vulnerability |
VCID-a67e-svcb-ekhc |
|
| 15 |
| vulnerability |
VCID-d68e-uehc-nudc |
|
| 16 |
| vulnerability |
VCID-fga8-ymex-67fw |
|
| 17 |
| vulnerability |
VCID-gejv-h449-13e4 |
|
| 18 |
| vulnerability |
VCID-gsnt-c1cd-d3bf |
|
| 19 |
| vulnerability |
VCID-m91w-vguw-qkem |
|
| 20 |
| vulnerability |
VCID-njnv-5cwt-4ygy |
|
| 21 |
| vulnerability |
VCID-pn5z-xdcd-zqd5 |
|
| 22 |
| vulnerability |
VCID-pv2n-2y41-pbg5 |
|
| 23 |
| vulnerability |
VCID-r61f-p8nh-2bax |
|
| 24 |
| vulnerability |
VCID-r874-3h26-j3fp |
|
| 25 |
| vulnerability |
VCID-s5ab-nud4-5qdg |
|
| 26 |
| vulnerability |
VCID-sa7x-wvn1-skh1 |
|
| 27 |
| vulnerability |
VCID-sg6k-wdwq-9bgd |
|
| 28 |
| vulnerability |
VCID-tfmu-7tad-xbbe |
|
| 29 |
| vulnerability |
VCID-ugq4-1vzc-6uh5 |
|
| 30 |
| vulnerability |
VCID-w2u3-bnqq-mqfz |
|
| 31 |
| vulnerability |
VCID-wage-1bme-bkgb |
|
| 32 |
| vulnerability |
VCID-xa5e-bbcv-byg9 |
|
| 33 |
| vulnerability |
VCID-y2bq-cb4v-mke6 |
|
| 34 |
| vulnerability |
VCID-yaa8-vy4x-cqbq |
|
| 35 |
| vulnerability |
VCID-ymbd-m6tf-5bap |
|
| 36 |
| vulnerability |
VCID-z8kt-tf38-eqgc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2 |
|
|
| aliases |
CVE-2013-4192, GHSA-f5h9-3hpf-9j8m, PYSEC-2014-56
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zf51-58kf-43bf |
|