Search for packages
| purl | pkg:pypi/zope2@2.7.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3snn-k8cb-xbfe
Aliases: CVE-2006-4684 GHSA-hm8g-jxjj-gfm3 PYSEC-2006-8 |
The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. |
Affected by 0 other vulnerabilities. |
|
VCID-peee-y3c2-13bu
Aliases: CVE-2006-3458 GHSA-jcjp-qqpq-pc54 PYSEC-2006-7 |
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T00:56:04.728599+00:00 | GHSA Importer | Affected by | VCID-3snn-k8cb-xbfe | https://github.com/advisories/GHSA-hm8g-jxjj-gfm3 | 38.6.0 |
| 2026-05-31T00:56:04.217458+00:00 | GHSA Importer | Affected by | VCID-peee-y3c2-13bu | https://github.com/advisories/GHSA-jcjp-qqpq-pc54 | 38.6.0 |
| 2026-05-30T20:57:52.213311+00:00 | GitLab Importer | Affected by | VCID-peee-y3c2-13bu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Zope2/CVE-2006-3458.yml | 38.6.0 |
| 2026-05-30T20:57:50.275503+00:00 | GitLab Importer | Affected by | VCID-3snn-k8cb-xbfe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Zope2/CVE-2006-4684.yml | 38.6.0 |