Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/zope2@2.12.0b3
Typepypi
Namespace
Namezope2
Version2.12.0b3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.13.19
Latest_non_vulnerable_version2.13.19
Affected_by_vulnerabilities
0
url VCID-4ym2-39bg-dbga
vulnerability_id VCID-4ym2-39bg-dbga
summary ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
reference_id
reference_type
scores
0
value 0.00821
scoring_system epss
scoring_elements 0.74709
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
4
reference_url https://bugs.launchpad.net/zope2/+bug/930812
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/930812
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878939
6
reference_url https://github.com/advisories/GHSA-77hv-8796-8ccp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-77hv-8796-8ccp
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
9
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
10
reference_url https://plone.org/products/plone/security/advisories/20121106/02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/02
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
12
reference_url https://access.redhat.com/security/cve/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5486
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
fixed_packages
0
url pkg:pypi/zope2@2.13.19
purl pkg:pypi/zope2@2.13.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.13.19
aliases CVE-2012-5486, GHSA-77hv-8796-8ccp, PYSEC-2014-28, PYSEC-2014-73
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ym2-39bg-dbga
1
url VCID-7ucd-1qjw-pyd1
vulnerability_id VCID-7ucd-1qjw-pyd1
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4924.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4924.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4924
reference_id
reference_type
scores
0
value 0.0099
scoring_system epss
scoring_elements 0.77183
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4924
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4924
3
reference_url https://github.com/zopefoundation/Zope
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope
4
reference_url https://github.com/zopefoundation/Zope/commit/37e4ea774acc668f6b430a45a6ab1e359710f590
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/commit/37e4ea774acc668f6b430a45a6ab1e359710f590
5
reference_url https://github.com/zopefoundation/Zope/commit/a0655194cb39ad88ce3323a3e489927c5f979c44
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/commit/a0655194cb39ad88ce3323a3e489927c5f979c44
6
reference_url http://www.openwall.com/lists/oss-security/2012/01/19/16
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/01/19/16
7
reference_url http://www.openwall.com/lists/oss-security/2012/01/19/17
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/01/19/17
8
reference_url http://www.openwall.com/lists/oss-security/2012/01/19/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/01/19/18
9
reference_url http://www.openwall.com/lists/oss-security/2012/01/19/19
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/01/19/19
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=771920
reference_id 771920
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=771920
11
reference_url https://access.redhat.com/security/cve/cve-2011-4924
reference_id CVE-2011-4924
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2011-4924
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4924
reference_id CVE-2011-4924
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4924
13
reference_url https://security-tracker.debian.org/tracker/CVE-2011-4924
reference_id CVE-2011-4924
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2011-4924
14
reference_url https://github.com/advisories/GHSA-vh6g-786f-hxxp
reference_id GHSA-vh6g-786f-hxxp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vh6g-786f-hxxp
fixed_packages
0
url pkg:pypi/zope2@2.12.22
purl pkg:pypi/zope2@2.12.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4ym2-39bg-dbga
1
vulnerability VCID-pncb-4m8u-hbaw
2
vulnerability VCID-scgs-bz44-ebfk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.12.22
1
url pkg:pypi/zope2@2.13.12
purl pkg:pypi/zope2@2.13.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4ym2-39bg-dbga
1
vulnerability VCID-pncb-4m8u-hbaw
2
vulnerability VCID-scgs-bz44-ebfk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.13.12
aliases CVE-2011-4924, GHSA-vh6g-786f-hxxp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ucd-1qjw-pyd1
2
url VCID-dq8k-9w5z-n7a5
vulnerability_id VCID-dq8k-9w5z-n7a5
summary Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.
references
0
reference_url http://cve.killedkenny.io/cve/CVE-2009-5145
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://cve.killedkenny.io/cve/CVE-2009-5145
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5145.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5145.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-5145
reference_id
reference_type
scores
0
value 0.00635
scoring_system epss
scoring_elements 0.70752
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-5145
3
reference_url https://bugs.launchpad.net/zope2/+bug/490514
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/490514
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2017-148.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2017-148.yaml
5
reference_url https://github.com/zopefoundation/Zope
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope
6
reference_url https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d
7
reference_url https://security-tracker.debian.org/tracker/CVE-2009-5145/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://security-tracker.debian.org/tracker/CVE-2009-5145/
8
reference_url http://www.openwall.com/lists/oss-security/2015/03/02/7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/03/02/7
9
reference_url http://www.securityfocus.com/bid/72792/info
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url http://www.securityfocus.com/bid/72792/info
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1483634
reference_id 1483634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1483634
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-5145
reference_id CVE-2009-5145
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-5145
12
reference_url https://security-tracker.debian.org/tracker/CVE-2009-5145
reference_id CVE-2009-5145
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2009-5145
13
reference_url https://github.com/advisories/GHSA-5r4x-qc7q-vj27
reference_id GHSA-5r4x-qc7q-vj27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5r4x-qc7q-vj27
fixed_packages
0
url pkg:pypi/zope2@2.12.5
purl pkg:pypi/zope2@2.12.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2vmc-exnd-qua6
1
vulnerability VCID-4ym2-39bg-dbga
2
vulnerability VCID-7ucd-1qjw-pyd1
3
vulnerability VCID-ehbm-mb5v-ufhr
4
vulnerability VCID-pncb-4m8u-hbaw
5
vulnerability VCID-scgs-bz44-ebfk
6
vulnerability VCID-vc1v-xsbc-kff1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.12.5
aliases CVE-2009-5145, GHSA-5r4x-qc7q-vj27, PYSEC-2017-148
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dq8k-9w5z-n7a5
3
url VCID-pncb-4m8u-hbaw
vulnerability_id VCID-pncb-4m8u-hbaw
summary AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51249
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
2
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
3
reference_url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/23
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/23
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874110
reference_id 874110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874110
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
reference_id CVE-2012-5507
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
fixed_packages
0
url pkg:pypi/zope2@2.13.19
purl pkg:pypi/zope2@2.13.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.13.19
aliases CVE-2012-5507, GHSA-3qpr-7rmg-73v8, PYSEC-2014-49, PYSEC-2014-75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pncb-4m8u-hbaw
4
url VCID-scgs-bz44-ebfk
vulnerability_id VCID-scgs-bz44-ebfk
summary Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.61148
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
2
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
3
reference_url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
4
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
5
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
8
reference_url https://plone.org/products/plone-hotfix/releases/20121124
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121124
9
reference_url https://plone.org/products/plone/security/advisories/20121106/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/24
10
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874108
reference_id 874108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874108
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
reference_id CVE-2012-6661
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
fixed_packages
0
url pkg:pypi/zope2@2.13.19
purl pkg:pypi/zope2@2.13.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.13.19
aliases CVE-2012-6661, GHSA-48vv-2pmq-9fvv, PYSEC-2014-51, PYSEC-2014-76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scgs-bz44-ebfk
5
url VCID-vc1v-xsbc-kff1
vulnerability_id VCID-vc1v-xsbc-kff1
summary The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 2.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.69076
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
2
reference_url https://bugs.launchpad.net/zope2/+bug/1079238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1079238
3
reference_url https://github.com/advisories/GHSA-879r-7f3w-8jj3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-879r-7f3w-8jj3
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/05
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/05
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878961
reference_id 878961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=878961
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
reference_id CVE-2012-5489
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
fixed_packages
0
url pkg:pypi/zope2@2.12.21
purl pkg:pypi/zope2@2.12.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4ym2-39bg-dbga
1
vulnerability VCID-7ucd-1qjw-pyd1
2
vulnerability VCID-pncb-4m8u-hbaw
3
vulnerability VCID-scgs-bz44-ebfk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.12.21
1
url pkg:pypi/zope2@2.13.11
purl pkg:pypi/zope2@2.13.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4ym2-39bg-dbga
1
vulnerability VCID-7ucd-1qjw-pyd1
2
vulnerability VCID-pncb-4m8u-hbaw
3
vulnerability VCID-scgs-bz44-ebfk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.13.11
aliases CVE-2012-5489, GHSA-879r-7f3w-8jj3, PYSEC-2014-31, PYSEC-2014-74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vc1v-xsbc-kff1
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.12.0b3