{"url":"http://public2.vulnerablecode.io/api/packages/60637?format=json","purl":"pkg:pypi/zope2@2.8.9","type":"pypi","namespace":"","name":"zope2","version":"2.8.9","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.8.12","latest_non_vulnerable_version":"2.13.19","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7016?format=json","vulnerability_id":"VCID-3snn-k8cb-xbfe","summary":"The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.","references":[{"reference_url":"http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4684","reference_id":"","reference_type":"","scores":[{"value":"0.00785","scoring_system":"epss","scoring_elements":"0.74072","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4684"},{"reference_url":"http://secunia.com/advisories/21947","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21947"},{"reference_url":"http://secunia.com/advisories/21953","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21953"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2006-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2006-8.yaml"},{"reference_url":"https://github.com/zopefoundation/Zope","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope"},{"reference_url":"http://www.debian.org/security/2006/dsa-1176","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2006/dsa-1176"},{"reference_url":"http://www.securityfocus.com/bid/20022","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/20022"},{"reference_url":"http://www.vupen.com/english/advisories/2006/3653","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/3653"},{"reference_url":"http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-4684","reference_id":"CVE-2006-4684","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-4684"},{"reference_url":"https://github.com/advisories/GHSA-hm8g-jxjj-gfm3","reference_id":"GHSA-hm8g-jxjj-gfm3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hm8g-jxjj-gfm3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60637?format=json","purl":"pkg:pypi/zope2@2.8.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.8.9"}],"aliases":["CVE-2006-4684","GHSA-hm8g-jxjj-gfm3","PYSEC-2006-8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3snn-k8cb-xbfe"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zope2@2.8.9"}