VulnerableCode Package Details - pkg:pypi/zope@2.5.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/zope@2.5.1

Essentials
History (2)

purl	pkg:pypi/zope@2.5.1

Next non-vulnerable version	2.6.0
Latest non-vulnerable version	5.8.6
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-3zsv-kmr1-2fe8 Aliases: CVE-2002-0688 GHSA-7944-h5rw-qmjx	ZCatalog plug-in for Zope allows anonymous users to bypass access restrictions ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.	2.6.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-68cx-x4us-ryfa	Zope does not properly verify the access for objects with proxy roles Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.	CVE-2002-0170 GHSA-c3rp-4cjh-cp38

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:42:12.125765+00:00	GitLab Importer	Fixing	VCID-68cx-x4us-ryfa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/zope/CVE-2002-0170.yml	38.6.0
2026-06-02T04:42:11.595225+00:00	GitLab Importer	Affected by	VCID-3zsv-kmr1-2fe8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/zope/CVE-2002-0688.yml	38.6.0