Search for packages
| purl | pkg:pypi/zope@2.2.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-68cx-x4us-ryfa
Aliases: CVE-2002-0170 GHSA-c3rp-4cjh-cp38 |
Zope does not properly verify the access for objects with proxy roles Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-arva-gfmd-wben
Aliases: CVE-2000-0062 GHSA-wcwp-r3fj-mm3p |
Zope DTML implementation Improper Authentication The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. | There are no reported fixed by versions. |
|
VCID-ergv-fuww-9qbe
Aliases: CVE-2000-1211 GHSA-h2xh-jvpf-xq42 |
Zope does not properly perform security registration for legacy names Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | There are no reported fixed by versions. |
|
VCID-p3q3-3s7a-euhm
Aliases: CVE-2000-1212 GHSA-7whr-j8vf-r4wj |
Zope allows attackers to modify raw image and file data Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||