Vulnerabilities > Zope
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2024-24811 | SQL Injection vulnerability in Zope Sqlalchemyda SQLAlchemyDA is a generic database adapter for ZSQL methods. | 9.8 |
| 2023-10-04 | CVE-2023-44389 | Cross-site Scripting vulnerability in Zope Zope is an open-source web application server. | 4.8 |
| 2023-09-21 | CVE-2023-42458 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zope Zope is an open-source web application server. | 5.4 |
| 2023-09-06 | CVE-2023-41050 | Information Exposure vulnerability in Zope Accesscontrol AccessControl provides a general security framework for use in Zope. | 7.7 |
| 2023-08-30 | CVE-2023-41039 | Injection vulnerability in Zope Restrictedpython RestrictedPython is a restricted execution environment for Python to run untrusted code. | 7.7 |
| 2023-07-11 | CVE-2023-37271 | Improper Control of Dynamically-Managed Code Resources vulnerability in Zope Restrictedpython RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. | 9.9 |
| 2023-07-03 | CVE-2023-36814 | Allocation of Resources Without Limits or Throttling vulnerability in Zope Products.Cmfcore Products.CMFCore are the key framework services for the Zope Content Management Framework (CMF). | 7.5 |
| 2021-08-02 | CVE-2021-32811 | Unspecified vulnerability in Zope Accesscontrol and Zope Zope is an open-source web application server. | 7.2 |
| 2021-07-30 | CVE-2021-32807 | Unspecified vulnerability in Zope Accesscontrol The module `AccessControl` defines security policies for Python code used in restricted code within Zope applications. | 7.2 |
| 2021-07-01 | CVE-2021-36089 | Out-of-bounds Write vulnerability in Zope Grok Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour). | 6.8 |