Vulnerabilities > Zope > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2024-24811 SQL Injection vulnerability in Zope Sqlalchemyda
SQLAlchemyDA is a generic database adapter for ZSQL methods.
network
low complexity
zope CWE-89
critical
9.8
2023-07-11 CVE-2023-37271 Improper Control of Dynamically-Managed Code Resources vulnerability in Zope Restrictedpython
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment.
network
low complexity
zope CWE-913
critical
9.9
2011-10-10 CVE-2011-3587 Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
network
plone zope
critical
9.3