GCVE - cpe:2.3:a:plone:plone_docker_official

Approved changes feed: RSS · Atom

cpe:2.3:a:plone:plone_docker_official_image:5.2.13:*:*:*:*:*:*:*

part: a version: 5.2.13 update: *

Vendor	Plone (`20065100-5fec-5b5e-bb46-a6d4673848e0`)
Product	Plone Docker Official Image (`e1a6c677-23fa-52a4-be97-2ede3f98a93a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/plone`	purl2cpe	2026-06-01 10:16:04.191490
`pkg:github/plone/plone.docker`	purl2cpe	2026-06-01 10:16:04.191491
`pkg:pypi/plone`	purl2cpe	2026-06-01 10:16:04.191493

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-23055`	vulnerable	2026-06-03 14:55:01.544588	Details available An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers. Published: 2024-01-25T00:00:00.000Z Updated: 2025-06-17T14:19:33.191Z Open on db.gcve.eu Reference links http://plone.com http://ploneorg.com https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-23054`	vulnerable	2026-06-03 14:55:01.544020	Details available An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm). Published: 2024-02-05T00:00:00.000Z Updated: 2024-08-01T22:51:11.248Z Open on db.gcve.eu Reference links http://plone.com http://ploneorg.com https://github.com/c0d3x27/CVEs/blob/main/CVE-2024-23054/README.md	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.