zopefoundation Latest Vulnerabilities
Latest vulnerabilities published by zopefoundation
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Vulnerability in RestrictedPython Tool Affects Access Policy in Zope Foundation Applications
CVE-2026-55830ZopefoundationRestrictedpython8.3HIGHType Confusion Vulnerability in RestrictedPython Tool by Zope Foundation
CVE-2025-22153ZopefoundationRestrictedpython7.9HIGHZope AccessControl Security Fix: Anonymous Users Can Delete User Data
CVE-2024-51734ZopefoundationAccesscontrol8.7HIGHUnauthenticated Execution of Arbitrary SQL Statements Vulnerability Affects SQLAlchemyDA Users
CVE-2024-24811ZopefoundationProducts.sqlalchemyda9.8CRITICALZope management interface vulnerable to stored cross site scripting via the title property
CVE-2023-44389ZopefoundationZope3.1LOWZope vulnerable to Stored Cross Site Scripting with SVG images
CVE-2023-42458ZopefoundationZope3.7LOWInformation disclosure through Python's "format" functionality in Zope AccessControl
CVE-2023-41050ZopefoundationAccesscontrol6.8MEDIUMSandbox escape via various forms of "format" in RestrictedPython
CVE-2023-41039ZopefoundationRestrictedpython8.3HIGHRestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
CVE-2023-37271ZopefoundationRestrictedpython8.4HIGHzopefoundation's Products.CMFCore vulnerable to unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
CVE-2023-36814ZopefoundationProducts.cmfcore7.5HIGHRemote Code Execution via Script (Python) objects under Python 3
CVE-2021-32811ZopefoundationZope7.5HIGHRemote Code Execution via unsafe classes in otherwise permitted modules
CVE-2021-32807ZopefoundationAccesscontrol4.4MEDIUMRemote Code Execution via traversal in TAL expressions
CVE-2021-32674ZopefoundationZope8.8HIGHRemote Code Execution via traversal in TAL expressions
CVE-2021-32633ZopefoundationZope6.8MEDIUMExposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup
CVE-2021-21360ZopefoundationProducts.genericsetup5.3MEDIUMURL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService
CVE-2021-21337ZopefoundationProducts.pluggableauth...5.7MEDIUMExposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
CVE-2021-21336ZopefoundationProducts.pluggableauth...6.5MEDIUM