{"url":"http://public2.vulnerablecode.io/api/packages/6926?format=json","purl":"pkg:pypi/zodb3@3.8.0b2","type":"pypi","namespace":"","name":"zodb3","version":"3.8.0b2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.10.0a1","latest_non_vulnerable_version":"3.10.0a1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34680?format=json","vulnerability_id":"VCID-1yu8-hwwc-pyc8","summary":"Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.","references":[{"reference_url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html","reference_id":"","reference_type":"","scores":[],"url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html"},{"reference_url":"http://osvdb.org/56827","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/56827"},{"reference_url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2","reference_id":"","reference_type":"","scores":[],"url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2"},{"reference_url":"http://secunia.com/advisories/36204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36204"},{"reference_url":"http://secunia.com/advisories/36205","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36205"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52377","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52377"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yaml"},{"reference_url":"https://github.com/zopefoundation/ZODB3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/zopefoundation/ZODB3"},{"reference_url":"https://web.archive.org/web/20151023102330/http://secunia.com/advisories/36204","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20151023102330/http://secunia.com/advisories/36204"},{"reference_url":"https://web.archive.org/web/20151023102336/http://secunia.com/advisories/36205","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20151023102336/http://secunia.com/advisories/36205"},{"reference_url":"https://web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987"},{"reference_url":"http://www.securityfocus.com/bid/35987","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/35987"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2217","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/2217"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0668","reference_id":"CVE-2009-0668","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0668"},{"reference_url":"https://github.com/advisories/GHSA-4x83-5gw5-q346","reference_id":"GHSA-4x83-5gw5-q346","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4x83-5gw5-q346"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6941?format=json","purl":"pkg:pypi/zodb3@3.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.2"}],"aliases":["CVE-2009-0668","GHSA-4x83-5gw5-q346","PYSEC-2009-8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu8-hwwc-pyc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34681?format=json","vulnerability_id":"VCID-ebby-3w76-r7be","summary":"Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.","references":[{"reference_url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html","reference_id":"","reference_type":"","scores":[],"url":"http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html"},{"reference_url":"http://osvdb.org/56826","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/56826"},{"reference_url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2","reference_id":"","reference_type":"","scores":[],"url":"http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2"},{"reference_url":"http://secunia.com/advisories/36204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36204"},{"reference_url":"http://secunia.com/advisories/36205","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36205"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52379","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/52379"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-9.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-9.yaml"},{"reference_url":"https://github.com/zopefoundation/ZODB3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/zopefoundation/ZODB3"},{"reference_url":"http://www.securityfocus.com/bid/35987","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/35987"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2217","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/2217"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0669","reference_id":"CVE-2009-0669","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0669"},{"reference_url":"https://github.com/advisories/GHSA-5432-c996-hvhj","reference_id":"GHSA-5432-c996-hvhj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5432-c996-hvhj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6941?format=json","purl":"pkg:pypi/zodb3@3.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-msp8-4g67-cue6"},{"vulnerability":"VCID-qn4a-azp2-1qfs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.2"}],"aliases":["CVE-2009-0669","GHSA-5432-c996-hvhj","PYSEC-2009-9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebby-3w76-r7be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34711?format=json","vulnerability_id":"VCID-qn4a-azp2-1qfs","summary":"Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.","references":[{"reference_url":"http://bugs.python.org/issue6706","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue6706"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"reference_url":"http://pypi.python.org/pypi/ZODB3/3.10.0#id1","reference_id":"","reference_type":"","scores":[],"url":"http://pypi.python.org/pypi/ZODB3/3.10.0#id1"},{"reference_url":"https://bugs.launchpad.net/zodb/+bug/135108","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/zodb/+bug/135108"},{"reference_url":"http://secunia.com/advisories/41755","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41755"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/09/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/09/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/11/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/11/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/22/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/22/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/24/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/24/3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7063?format=json","purl":"pkg:pypi/zodb3@3.10.0a1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.10.0a1"}],"aliases":["CVE-2010-3495","PYSEC-2010-27"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn4a-azp2-1qfs"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/zodb3@3.8.0b2"}