Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-b2az-q6wv-eyhw

Summary The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587.

Aliases

alias	CVE-2011-4030

alias	GHSA-pwgm-jvqv-6v8p

alias	PYSEC-2011-27

Fixed_packages

url pkg:pypi/plone@4.0.10

purl pkg:pypi/plone@4.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sk4-yc6h-17c4

vulnerability	VCID-3buw-zes9-ukg4

vulnerability	VCID-3shf-hh9a-rqdw

vulnerability	VCID-4v5e-r5we-tffe

vulnerability	VCID-5n6e-cha8-nyb8

vulnerability	VCID-5ry7-xy6b-5fag

vulnerability	VCID-6568-4ert-1bau

vulnerability	VCID-69ps-uetw-y3gf

vulnerability	VCID-8rp3-p3qe-x7ej

vulnerability	VCID-9a27-8egg-7uam

vulnerability	VCID-9dr2-mexa-qfbn

vulnerability	VCID-9gu8-dgkr-sua3

vulnerability	VCID-9kgy-2mwu-6yhd

vulnerability	VCID-9u27-bf7b-x7er

vulnerability	VCID-ax8a-2g7j-6ya2

vulnerability	VCID-ay85-551m-vfej

vulnerability	VCID-basq-jjsf-3fbd

vulnerability	VCID-bmwk-nutp-r3fs

vulnerability	VCID-chqa-wbu7-eyak

vulnerability	VCID-cpwq-sq8b-4yhf

vulnerability	VCID-d42u-s7za-a3ad

vulnerability	VCID-d6hq-qfek-1bgu

vulnerability	VCID-dg61-tw4u-dbcc

vulnerability	VCID-dxqw-uf6r-vbbh

vulnerability	VCID-edq7-7ncc-mbfx

vulnerability	VCID-eg2r-ez9f-hkak

vulnerability	VCID-eu4z-htaq-c3d6

vulnerability	VCID-exan-4j3e-2qeh

vulnerability	VCID-fdpc-runu-ekah

vulnerability	VCID-g2ap-vh6r-yqds

vulnerability	VCID-g6ky-pfur-7kfg

vulnerability	VCID-gdtw-2d1s-2bbw

vulnerability	VCID-h4kd-eh8g-gude

vulnerability	VCID-h8ur-tnzd-afay

vulnerability	VCID-hb93-ea78-8ygv

vulnerability	VCID-hhux-xufk-ube2

vulnerability	VCID-hygx-6n52-u7fz

vulnerability	VCID-jvwn-yw13-gfe9

vulnerability	VCID-khhr-m295-23gs

vulnerability	VCID-khsn-43tn-37bx

vulnerability	VCID-krfw-xa2b-vue5

vulnerability	VCID-kz14-79we-xbfe

vulnerability	VCID-mt5t-3gsw-7fde

vulnerability	VCID-n4nh-4rq4-r7hx

vulnerability	VCID-nrxp-p6rx-8kdd

vulnerability	VCID-p71t-er3d-9fdn

vulnerability	VCID-pb2y-jwn1-wbck

vulnerability	VCID-pgrv-sncf-cqca

vulnerability	VCID-pzke-4by2-w3hk

vulnerability	VCID-q7nt-b3s9-9kf6

vulnerability	VCID-r52t-hx1j-ufa1

vulnerability	VCID-s84e-bb7w-5qht

vulnerability	VCID-shjb-m9k6-uuf1

vulnerability	VCID-svbc-dj3m-t7av

vulnerability	VCID-tc7w-wttv-vfed

vulnerability	VCID-ud5f-7gx8-83d6

vulnerability	VCID-uqe7-n3uh-zfac

vulnerability	VCID-uykg-p1e9-mfd8

vulnerability	VCID-vr9k-9xch-4yc7

vulnerability	VCID-w2mv-zekv-8fcv

vulnerability	VCID-wuas-tkd4-rkd4

vulnerability	VCID-x2xm-hpc2-uubq

vulnerability	VCID-x6y6-xx1a-7kfd

vulnerability	VCID-x8n5-qj35-eqb1

vulnerability	VCID-xpq8-npn5-kyb9

vulnerability	VCID-yfkz-3xu3-vyc9

vulnerability	VCID-yhzr-hb68-cfd6

vulnerability	VCID-ykmg-jcfe-8qf4

vulnerability	VCID-yuph-y2fa-3uaa

vulnerability	VCID-zd73-fvwg-nbgx

vulnerability	VCID-zwnj-revc-vbd6

vulnerability	VCID-zy2g-gzmk-1qcz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.10

url pkg:pypi/plone@4.1.1

purl pkg:pypi/plone@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sk4-yc6h-17c4

vulnerability	VCID-5n6e-cha8-nyb8

vulnerability	VCID-5ry7-xy6b-5fag

vulnerability	VCID-6568-4ert-1bau

vulnerability	VCID-69ps-uetw-y3gf

vulnerability	VCID-8rp3-p3qe-x7ej

vulnerability	VCID-9gu8-dgkr-sua3

vulnerability	VCID-9kgy-2mwu-6yhd

vulnerability	VCID-ax8a-2g7j-6ya2

vulnerability	VCID-ay85-551m-vfej

vulnerability	VCID-basq-jjsf-3fbd

vulnerability	VCID-bmwk-nutp-r3fs

vulnerability	VCID-chqa-wbu7-eyak

vulnerability	VCID-cpwq-sq8b-4yhf

vulnerability	VCID-d42u-s7za-a3ad

vulnerability	VCID-d6hq-qfek-1bgu

vulnerability	VCID-dg61-tw4u-dbcc

vulnerability	VCID-dxqw-uf6r-vbbh

vulnerability	VCID-edq7-7ncc-mbfx

vulnerability	VCID-eg2r-ez9f-hkak

vulnerability	VCID-eu4z-htaq-c3d6

vulnerability	VCID-exan-4j3e-2qeh

vulnerability	VCID-fdpc-runu-ekah

vulnerability	VCID-g2ap-vh6r-yqds

vulnerability	VCID-g6ky-pfur-7kfg

vulnerability	VCID-gdtw-2d1s-2bbw

vulnerability	VCID-h4kd-eh8g-gude

vulnerability	VCID-h8ur-tnzd-afay

vulnerability	VCID-hb93-ea78-8ygv

vulnerability	VCID-hhux-xufk-ube2

vulnerability	VCID-khhr-m295-23gs

vulnerability	VCID-khsn-43tn-37bx

vulnerability	VCID-krfw-xa2b-vue5

vulnerability	VCID-kz14-79we-xbfe

vulnerability	VCID-mt5t-3gsw-7fde

vulnerability	VCID-n4nh-4rq4-r7hx

vulnerability	VCID-p71t-er3d-9fdn

vulnerability	VCID-pb2y-jwn1-wbck

vulnerability	VCID-pgrv-sncf-cqca

vulnerability	VCID-pzke-4by2-w3hk

vulnerability	VCID-q7nt-b3s9-9kf6

vulnerability	VCID-r52t-hx1j-ufa1

vulnerability	VCID-svbc-dj3m-t7av

vulnerability	VCID-tc7w-wttv-vfed

vulnerability	VCID-uykg-p1e9-mfd8

vulnerability	VCID-vgga-a2ga-t3hw

vulnerability	VCID-vr9k-9xch-4yc7

vulnerability	VCID-w2mv-zekv-8fcv

vulnerability	VCID-wuas-tkd4-rkd4

vulnerability	VCID-x2xm-hpc2-uubq

vulnerability	VCID-x6y6-xx1a-7kfd

vulnerability	VCID-xpq8-npn5-kyb9

vulnerability	VCID-yfkz-3xu3-vyc9

vulnerability	VCID-yhzr-hb68-cfd6

vulnerability	VCID-zd73-fvwg-nbgx

vulnerability	VCID-zwnj-revc-vbd6

vulnerability	VCID-zy2g-gzmk-1qcz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1

url	pkg:pypi/plone@4.2a3
purl	pkg:pypi/plone@4.2a3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a3

Affected_packages

url pkg:pypi/plone@4.0

purl pkg:pypi/plone@4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sk4-yc6h-17c4

vulnerability	VCID-3buw-zes9-ukg4

vulnerability	VCID-3shf-hh9a-rqdw

vulnerability	VCID-4v5e-r5we-tffe

vulnerability	VCID-5n6e-cha8-nyb8

vulnerability	VCID-5ry7-xy6b-5fag

vulnerability	VCID-6568-4ert-1bau

vulnerability	VCID-69ps-uetw-y3gf

vulnerability	VCID-8rp3-p3qe-x7ej

vulnerability	VCID-9a27-8egg-7uam

vulnerability	VCID-9dr2-mexa-qfbn

vulnerability	VCID-9gu8-dgkr-sua3

vulnerability	VCID-9kgy-2mwu-6yhd

vulnerability	VCID-9u27-bf7b-x7er

vulnerability	VCID-ax8a-2g7j-6ya2

vulnerability	VCID-ay85-551m-vfej

vulnerability	VCID-b2az-q6wv-eyhw

vulnerability	VCID-basq-jjsf-3fbd

vulnerability	VCID-bmwk-nutp-r3fs

vulnerability	VCID-chqa-wbu7-eyak

vulnerability	VCID-cpwq-sq8b-4yhf

vulnerability	VCID-d42u-s7za-a3ad

vulnerability	VCID-d6hq-qfek-1bgu

vulnerability	VCID-dg61-tw4u-dbcc

vulnerability	VCID-dxqw-uf6r-vbbh

vulnerability	VCID-edq7-7ncc-mbfx

vulnerability	VCID-eg2r-ez9f-hkak

vulnerability	VCID-eu4z-htaq-c3d6

vulnerability	VCID-exan-4j3e-2qeh

vulnerability	VCID-fdpc-runu-ekah

vulnerability	VCID-g2ap-vh6r-yqds

vulnerability	VCID-g6ky-pfur-7kfg

vulnerability	VCID-gdtw-2d1s-2bbw

vulnerability	VCID-h4kd-eh8g-gude

vulnerability	VCID-h8ur-tnzd-afay

vulnerability	VCID-hb93-ea78-8ygv

vulnerability	VCID-hhux-xufk-ube2

vulnerability	VCID-hygx-6n52-u7fz

vulnerability	VCID-jhw6-wxz2-qbgd

vulnerability	VCID-jvwn-yw13-gfe9

vulnerability	VCID-khhr-m295-23gs

vulnerability	VCID-khsn-43tn-37bx

vulnerability	VCID-krfw-xa2b-vue5

vulnerability	VCID-kz14-79we-xbfe

vulnerability	VCID-mt5t-3gsw-7fde

vulnerability	VCID-n4nh-4rq4-r7hx

vulnerability	VCID-nrxp-p6rx-8kdd

vulnerability	VCID-p71t-er3d-9fdn

vulnerability	VCID-pb2y-jwn1-wbck

vulnerability	VCID-pgrv-sncf-cqca

vulnerability	VCID-pzke-4by2-w3hk

vulnerability	VCID-q7nt-b3s9-9kf6

vulnerability	VCID-r52t-hx1j-ufa1

vulnerability	VCID-s84e-bb7w-5qht

vulnerability	VCID-shjb-m9k6-uuf1

vulnerability	VCID-svbc-dj3m-t7av

vulnerability	VCID-tc7w-wttv-vfed

vulnerability	VCID-ud5f-7gx8-83d6

vulnerability	VCID-uqe7-n3uh-zfac

vulnerability	VCID-uykg-p1e9-mfd8

vulnerability	VCID-vgga-a2ga-t3hw

vulnerability	VCID-vr9k-9xch-4yc7

vulnerability	VCID-w2mv-zekv-8fcv

vulnerability	VCID-wuas-tkd4-rkd4

vulnerability	VCID-x2xm-hpc2-uubq

vulnerability	VCID-x6y6-xx1a-7kfd

vulnerability	VCID-x8n5-qj35-eqb1

vulnerability	VCID-xpq8-npn5-kyb9

vulnerability	VCID-yfkz-3xu3-vyc9

vulnerability	VCID-yhzr-hb68-cfd6

vulnerability	VCID-ykmg-jcfe-8qf4

vulnerability	VCID-yuph-y2fa-3uaa

vulnerability	VCID-zd73-fvwg-nbgx

vulnerability	VCID-zwnj-revc-vbd6

vulnerability	VCID-zy2g-gzmk-1qcz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0

url pkg:pypi/plone@4.1

purl pkg:pypi/plone@4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sk4-yc6h-17c4

vulnerability	VCID-3buw-zes9-ukg4

vulnerability	VCID-3shf-hh9a-rqdw

vulnerability	VCID-4v5e-r5we-tffe

vulnerability	VCID-5n6e-cha8-nyb8

vulnerability	VCID-5ry7-xy6b-5fag

vulnerability	VCID-6568-4ert-1bau

vulnerability	VCID-69ps-uetw-y3gf

vulnerability	VCID-8rp3-p3qe-x7ej

vulnerability	VCID-9a27-8egg-7uam

vulnerability	VCID-9dr2-mexa-qfbn

vulnerability	VCID-9gu8-dgkr-sua3

vulnerability	VCID-9kgy-2mwu-6yhd

vulnerability	VCID-9u27-bf7b-x7er

vulnerability	VCID-ax8a-2g7j-6ya2

vulnerability	VCID-ay85-551m-vfej

vulnerability	VCID-b2az-q6wv-eyhw

vulnerability	VCID-basq-jjsf-3fbd

vulnerability	VCID-bmwk-nutp-r3fs

vulnerability	VCID-chqa-wbu7-eyak

vulnerability	VCID-cpwq-sq8b-4yhf

vulnerability	VCID-d42u-s7za-a3ad

vulnerability	VCID-d6hq-qfek-1bgu

vulnerability	VCID-dg61-tw4u-dbcc

vulnerability	VCID-dxqw-uf6r-vbbh

vulnerability	VCID-edq7-7ncc-mbfx

vulnerability	VCID-eg2r-ez9f-hkak

vulnerability	VCID-eu4z-htaq-c3d6

vulnerability	VCID-exan-4j3e-2qeh

vulnerability	VCID-fdpc-runu-ekah

vulnerability	VCID-g2ap-vh6r-yqds

vulnerability	VCID-g6ky-pfur-7kfg

vulnerability	VCID-gdtw-2d1s-2bbw

vulnerability	VCID-h4kd-eh8g-gude

vulnerability	VCID-h8ur-tnzd-afay

vulnerability	VCID-hb93-ea78-8ygv

vulnerability	VCID-hhux-xufk-ube2

vulnerability	VCID-hygx-6n52-u7fz

vulnerability	VCID-jvwn-yw13-gfe9

vulnerability	VCID-khhr-m295-23gs

vulnerability	VCID-khsn-43tn-37bx

vulnerability	VCID-krfw-xa2b-vue5

vulnerability	VCID-kz14-79we-xbfe

vulnerability	VCID-mt5t-3gsw-7fde

vulnerability	VCID-n4nh-4rq4-r7hx

vulnerability	VCID-nrxp-p6rx-8kdd

vulnerability	VCID-p71t-er3d-9fdn

vulnerability	VCID-pb2y-jwn1-wbck

vulnerability	VCID-pgrv-sncf-cqca

vulnerability	VCID-pzke-4by2-w3hk

vulnerability	VCID-q7nt-b3s9-9kf6

vulnerability	VCID-r52t-hx1j-ufa1

vulnerability	VCID-s84e-bb7w-5qht

vulnerability	VCID-shjb-m9k6-uuf1

vulnerability	VCID-svbc-dj3m-t7av

vulnerability	VCID-tc7w-wttv-vfed

vulnerability	VCID-ud5f-7gx8-83d6

vulnerability	VCID-uqe7-n3uh-zfac

vulnerability	VCID-uykg-p1e9-mfd8

vulnerability	VCID-vgga-a2ga-t3hw

vulnerability	VCID-vr9k-9xch-4yc7

vulnerability	VCID-w2mv-zekv-8fcv

vulnerability	VCID-wuas-tkd4-rkd4

vulnerability	VCID-x2xm-hpc2-uubq

vulnerability	VCID-x6y6-xx1a-7kfd

vulnerability	VCID-x8n5-qj35-eqb1

vulnerability	VCID-xpq8-npn5-kyb9

vulnerability	VCID-yfkz-3xu3-vyc9

vulnerability	VCID-yhzr-hb68-cfd6

vulnerability	VCID-ykmg-jcfe-8qf4

vulnerability	VCID-yuph-y2fa-3uaa

vulnerability	VCID-zd73-fvwg-nbgx

vulnerability	VCID-zwnj-revc-vbd6

vulnerability	VCID-zy2g-gzmk-1qcz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1

url pkg:pypi/plone@4.2a1

purl pkg:pypi/plone@4.2a1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sk4-yc6h-17c4

vulnerability	VCID-5n6e-cha8-nyb8

vulnerability	VCID-5ry7-xy6b-5fag

vulnerability	VCID-6568-4ert-1bau

vulnerability	VCID-69ps-uetw-y3gf

vulnerability	VCID-8rp3-p3qe-x7ej

vulnerability	VCID-9gu8-dgkr-sua3

vulnerability	VCID-9kgy-2mwu-6yhd

vulnerability	VCID-ax8a-2g7j-6ya2

vulnerability	VCID-ay85-551m-vfej

vulnerability	VCID-b2az-q6wv-eyhw

vulnerability	VCID-basq-jjsf-3fbd

vulnerability	VCID-bmwk-nutp-r3fs

vulnerability	VCID-chqa-wbu7-eyak

vulnerability	VCID-cpwq-sq8b-4yhf

vulnerability	VCID-d42u-s7za-a3ad

vulnerability	VCID-d6hq-qfek-1bgu

vulnerability	VCID-dg61-tw4u-dbcc

vulnerability	VCID-dxqw-uf6r-vbbh

vulnerability	VCID-edq7-7ncc-mbfx

vulnerability	VCID-eg2r-ez9f-hkak

vulnerability	VCID-eu4z-htaq-c3d6

vulnerability	VCID-exan-4j3e-2qeh

vulnerability	VCID-fdpc-runu-ekah

vulnerability	VCID-g2ap-vh6r-yqds

vulnerability	VCID-g6ky-pfur-7kfg

vulnerability	VCID-gdtw-2d1s-2bbw

vulnerability	VCID-h8ur-tnzd-afay

vulnerability	VCID-hb93-ea78-8ygv

vulnerability	VCID-hhux-xufk-ube2

vulnerability	VCID-khhr-m295-23gs

vulnerability	VCID-khsn-43tn-37bx

vulnerability	VCID-krfw-xa2b-vue5

vulnerability	VCID-kz14-79we-xbfe

vulnerability	VCID-mt5t-3gsw-7fde

vulnerability	VCID-n4nh-4rq4-r7hx

vulnerability	VCID-p71t-er3d-9fdn

vulnerability	VCID-pb2y-jwn1-wbck

vulnerability	VCID-pgrv-sncf-cqca

vulnerability	VCID-pzke-4by2-w3hk

vulnerability	VCID-q7nt-b3s9-9kf6

vulnerability	VCID-r52t-hx1j-ufa1

vulnerability	VCID-svbc-dj3m-t7av

vulnerability	VCID-tc7w-wttv-vfed

vulnerability	VCID-uykg-p1e9-mfd8

vulnerability	VCID-vr9k-9xch-4yc7

vulnerability	VCID-w2mv-zekv-8fcv

vulnerability	VCID-x2xm-hpc2-uubq

vulnerability	VCID-x6y6-xx1a-7kfd

vulnerability	VCID-xpq8-npn5-kyb9

vulnerability	VCID-yfkz-3xu3-vyc9

vulnerability	VCID-zd73-fvwg-nbgx

vulnerability	VCID-zwnj-revc-vbd6

vulnerability	VCID-zy2g-gzmk-1qcz

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1

References

reference_url

http://plone.org/products/plone-hotfix/releases/20110928

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://plone.org/products/plone-hotfix/releases/20110928

reference_url

http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip

reference_url

http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4030.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4030.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4030

reference_id

reference_type

scores

value	0.01098
scoring_system	epss
scoring_elements	0.78359
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4030

reference_url	http://secunia.com/advisories/46323
reference_id
reference_type
scores
url	http://secunia.com/advisories/46323

reference_url

https://github.com/plone/Plone

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/plone/Plone

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-27.yaml

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-27.yaml

reference_url	http://www.securityfocus.com/bid/50287
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/50287

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=744804
reference_id	744804
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=744804

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4030

reference_id

CVE-2011-4030

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4030

reference_url	https://github.com/advisories/GHSA-pwgm-jvqv-6v8p
reference_id	GHSA-pwgm-jvqv-6v8p
reference_type
scores
url	https://github.com/advisories/GHSA-pwgm-jvqv-6v8p

Weaknesses

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b2az-q6wv-eyhw

Vulnerability Instance