{"url":"http://public2.vulnerablecode.io/api/packages/63296?format=json","purl":"pkg:pypi/plone@2.1","type":"pypi","namespace":"","name":"plone","version":"2.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.5.1","latest_non_vulnerable_version":"6.0.7","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34834?format=json","vulnerability_id":"VCID-4v5e-r5we-tffe","summary":"The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property,  redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the \"next\" parameter to acl_users/credentials_cookie_auth/require_login.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/08/01/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/08/01/2"},{"reference_url":"http://www.securityfocus.com/archive/1/530787/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/530787/100/0/threaded"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4200","reference_id":"CVE-2013-4200","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4200"},{"reference_url":"https://github.com/advisories/GHSA-56p3-rrp4-2j82","reference_id":"GHSA-56p3-rrp4-2j82","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-56p3-rrp4-2j82"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7146?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sk4-yc6h-17c4"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-9kgy-2mwu-6yhd"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-chqa-wbu7-eyak"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-dxqw-uf6r-vbbh"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eg2r-ez9f-hkak"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-g2ap-vh6r-yqds"},{"vulnerability":"VCID-g6ky-pfur-7kfg"},{"vulnerability":"VCID-gdtw-2d1s-2bbw"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-h8ur-tnzd-afay"},{"vulnerability":"VCID-hb93-ea78-8ygv"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-khhr-m295-23gs"},{"vulnerability":"VCID-khsn-43tn-37bx"},{"vulnerability":"VCID-krfw-xa2b-vue5"},{"vulnerability":"VCID-kz14-79we-xbfe"},{"vulnerability":"VCID-mt5t-3gsw-7fde"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pb2y-jwn1-wbck"},{"vulnerability":"VCID-pgrv-sncf-cqca"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-svbc-dj3m-t7av"},{"vulnerability":"VCID-tc7w-wttv-vfed"},{"vulnerability":"VCID-uykg-p1e9-mfd8"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-vr9k-9xch-4yc7"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-x6y6-xx1a-7kfd"},{"vulnerability":"VCID-xpq8-npn5-kyb9"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-yhzr-hb68-cfd6"},{"vulnerability":"VCID-zd73-fvwg-nbgx"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7900?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7901?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-8wkk-84ky-17ak"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-j8fv-uhxw-jkcw"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-z4jt-v88h-77er"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4200","GHSA-56p3-rrp4-2j82","PYSEC-2014-64"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4v5e-r5we-tffe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34843?format=json","vulnerability_id":"VCID-nrxp-p6rx-8kdd","summary":"Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978471","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978471"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4195","reference_id":"CVE-2013-4195","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4195"},{"reference_url":"https://github.com/advisories/GHSA-j67j-8hrp-76xm","reference_id":"GHSA-j67j-8hrp-76xm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j67j-8hrp-76xm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7146?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sk4-yc6h-17c4"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-9kgy-2mwu-6yhd"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-chqa-wbu7-eyak"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-dxqw-uf6r-vbbh"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eg2r-ez9f-hkak"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-g2ap-vh6r-yqds"},{"vulnerability":"VCID-g6ky-pfur-7kfg"},{"vulnerability":"VCID-gdtw-2d1s-2bbw"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-h8ur-tnzd-afay"},{"vulnerability":"VCID-hb93-ea78-8ygv"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-khhr-m295-23gs"},{"vulnerability":"VCID-khsn-43tn-37bx"},{"vulnerability":"VCID-krfw-xa2b-vue5"},{"vulnerability":"VCID-kz14-79we-xbfe"},{"vulnerability":"VCID-mt5t-3gsw-7fde"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pb2y-jwn1-wbck"},{"vulnerability":"VCID-pgrv-sncf-cqca"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-svbc-dj3m-t7av"},{"vulnerability":"VCID-tc7w-wttv-vfed"},{"vulnerability":"VCID-uykg-p1e9-mfd8"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-vr9k-9xch-4yc7"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-x6y6-xx1a-7kfd"},{"vulnerability":"VCID-xpq8-npn5-kyb9"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-yhzr-hb68-cfd6"},{"vulnerability":"VCID-zd73-fvwg-nbgx"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7900?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7901?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-8wkk-84ky-17ak"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-j8fv-uhxw-jkcw"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-z4jt-v88h-77er"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4195","GHSA-j67j-8hrp-76xm","PYSEC-2014-59"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrxp-p6rx-8kdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34844?format=json","vulnerability_id":"VCID-shjb-m9k6-uuf1","summary":"(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978482","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978482"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4199","reference_id":"CVE-2013-4199","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4199"},{"reference_url":"https://github.com/advisories/GHSA-xfjq-9rxq-ph6m","reference_id":"GHSA-xfjq-9rxq-ph6m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xfjq-9rxq-ph6m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7146?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sk4-yc6h-17c4"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-9kgy-2mwu-6yhd"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-chqa-wbu7-eyak"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-dxqw-uf6r-vbbh"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eg2r-ez9f-hkak"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-g2ap-vh6r-yqds"},{"vulnerability":"VCID-g6ky-pfur-7kfg"},{"vulnerability":"VCID-gdtw-2d1s-2bbw"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-h8ur-tnzd-afay"},{"vulnerability":"VCID-hb93-ea78-8ygv"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-khhr-m295-23gs"},{"vulnerability":"VCID-khsn-43tn-37bx"},{"vulnerability":"VCID-krfw-xa2b-vue5"},{"vulnerability":"VCID-kz14-79we-xbfe"},{"vulnerability":"VCID-mt5t-3gsw-7fde"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pb2y-jwn1-wbck"},{"vulnerability":"VCID-pgrv-sncf-cqca"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-svbc-dj3m-t7av"},{"vulnerability":"VCID-tc7w-wttv-vfed"},{"vulnerability":"VCID-uykg-p1e9-mfd8"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-vr9k-9xch-4yc7"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-x6y6-xx1a-7kfd"},{"vulnerability":"VCID-xpq8-npn5-kyb9"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-yhzr-hb68-cfd6"},{"vulnerability":"VCID-zd73-fvwg-nbgx"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7900?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7901?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-8wkk-84ky-17ak"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-j8fv-uhxw-jkcw"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-z4jt-v88h-77er"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4199","GHSA-xfjq-9rxq-ph6m","PYSEC-2014-63"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shjb-m9k6-uuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34852?format=json","vulnerability_id":"VCID-ud5f-7gx8-83d6","summary":"The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978475","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978475"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4196","reference_id":"CVE-2013-4196","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4196"},{"reference_url":"https://github.com/advisories/GHSA-qphh-5fv5-2mjj","reference_id":"GHSA-qphh-5fv5-2mjj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qphh-5fv5-2mjj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7146?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sk4-yc6h-17c4"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-9kgy-2mwu-6yhd"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-chqa-wbu7-eyak"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-dxqw-uf6r-vbbh"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eg2r-ez9f-hkak"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-g2ap-vh6r-yqds"},{"vulnerability":"VCID-g6ky-pfur-7kfg"},{"vulnerability":"VCID-gdtw-2d1s-2bbw"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-h8ur-tnzd-afay"},{"vulnerability":"VCID-hb93-ea78-8ygv"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-khhr-m295-23gs"},{"vulnerability":"VCID-khsn-43tn-37bx"},{"vulnerability":"VCID-krfw-xa2b-vue5"},{"vulnerability":"VCID-kz14-79we-xbfe"},{"vulnerability":"VCID-mt5t-3gsw-7fde"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pb2y-jwn1-wbck"},{"vulnerability":"VCID-pgrv-sncf-cqca"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-svbc-dj3m-t7av"},{"vulnerability":"VCID-tc7w-wttv-vfed"},{"vulnerability":"VCID-uykg-p1e9-mfd8"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-vr9k-9xch-4yc7"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-x6y6-xx1a-7kfd"},{"vulnerability":"VCID-xpq8-npn5-kyb9"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-yhzr-hb68-cfd6"},{"vulnerability":"VCID-zd73-fvwg-nbgx"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7900?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7901?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-8wkk-84ky-17ak"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-j8fv-uhxw-jkcw"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-z4jt-v88h-77er"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4196","GHSA-qphh-5fv5-2mjj","PYSEC-2014-60"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ud5f-7gx8-83d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34850?format=json","vulnerability_id":"VCID-yuph-y2fa-3uaa","summary":"The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978470","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978470"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4194","reference_id":"CVE-2013-4194","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4194"},{"reference_url":"https://github.com/advisories/GHSA-mm32-jw73-9227","reference_id":"GHSA-mm32-jw73-9227","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm32-jw73-9227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7146?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sk4-yc6h-17c4"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-9kgy-2mwu-6yhd"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-chqa-wbu7-eyak"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-dxqw-uf6r-vbbh"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eg2r-ez9f-hkak"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-g2ap-vh6r-yqds"},{"vulnerability":"VCID-g6ky-pfur-7kfg"},{"vulnerability":"VCID-gdtw-2d1s-2bbw"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-h8ur-tnzd-afay"},{"vulnerability":"VCID-hb93-ea78-8ygv"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-khhr-m295-23gs"},{"vulnerability":"VCID-khsn-43tn-37bx"},{"vulnerability":"VCID-krfw-xa2b-vue5"},{"vulnerability":"VCID-kz14-79we-xbfe"},{"vulnerability":"VCID-mt5t-3gsw-7fde"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pb2y-jwn1-wbck"},{"vulnerability":"VCID-pgrv-sncf-cqca"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-svbc-dj3m-t7av"},{"vulnerability":"VCID-tc7w-wttv-vfed"},{"vulnerability":"VCID-uykg-p1e9-mfd8"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-vr9k-9xch-4yc7"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-x6y6-xx1a-7kfd"},{"vulnerability":"VCID-xpq8-npn5-kyb9"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-yhzr-hb68-cfd6"},{"vulnerability":"VCID-zd73-fvwg-nbgx"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7900?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7901?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17w2-gd3m-2qff"},{"vulnerability":"VCID-5n6e-cha8-nyb8"},{"vulnerability":"VCID-5ry7-xy6b-5fag"},{"vulnerability":"VCID-6568-4ert-1bau"},{"vulnerability":"VCID-69ps-uetw-y3gf"},{"vulnerability":"VCID-8rp3-p3qe-x7ej"},{"vulnerability":"VCID-8wkk-84ky-17ak"},{"vulnerability":"VCID-9gu8-dgkr-sua3"},{"vulnerability":"VCID-ax8a-2g7j-6ya2"},{"vulnerability":"VCID-ay85-551m-vfej"},{"vulnerability":"VCID-basq-jjsf-3fbd"},{"vulnerability":"VCID-bmwk-nutp-r3fs"},{"vulnerability":"VCID-cpwq-sq8b-4yhf"},{"vulnerability":"VCID-d42u-s7za-a3ad"},{"vulnerability":"VCID-dg61-tw4u-dbcc"},{"vulnerability":"VCID-edq7-7ncc-mbfx"},{"vulnerability":"VCID-eu4z-htaq-c3d6"},{"vulnerability":"VCID-exan-4j3e-2qeh"},{"vulnerability":"VCID-fdpc-runu-ekah"},{"vulnerability":"VCID-h4kd-eh8g-gude"},{"vulnerability":"VCID-hhux-xufk-ube2"},{"vulnerability":"VCID-j8fv-uhxw-jkcw"},{"vulnerability":"VCID-mn7t-zgfw-tqfw"},{"vulnerability":"VCID-n4nh-4rq4-r7hx"},{"vulnerability":"VCID-p71t-er3d-9fdn"},{"vulnerability":"VCID-pzke-4by2-w3hk"},{"vulnerability":"VCID-q7nt-b3s9-9kf6"},{"vulnerability":"VCID-r52t-hx1j-ufa1"},{"vulnerability":"VCID-vgga-a2ga-t3hw"},{"vulnerability":"VCID-w2mv-zekv-8fcv"},{"vulnerability":"VCID-wuas-tkd4-rkd4"},{"vulnerability":"VCID-x2xm-hpc2-uubq"},{"vulnerability":"VCID-yfkz-3xu3-vyc9"},{"vulnerability":"VCID-z4jt-v88h-77er"},{"vulnerability":"VCID-zwnj-revc-vbd6"},{"vulnerability":"VCID-zy2g-gzmk-1qcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4194","GHSA-mm32-jw73-9227","PYSEC-2014-58"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yuph-y2fa-3uaa"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@2.1"}