GCVE - cpe:2.3:a:zope:zodb:3.8.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zope:zodb:3.8.0:*:*:*:*:*:*:*

part: a version: 3.8.0 update: *

Vendor	Zope (`400d8950-2847-5748-8fcd-7612c2170a9a`)
Product	Zodb (`07c90158-0f8b-5991-8b7a-7bc23d828a79`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/zopefoundation/zodb`	purl2cpe	2026-06-01 10:18:07.008002
`pkg:pypi/zodb3`	purl2cpe	2026-06-01 10:18:07.008003
`pkg:rpm/fedora/python-zodb3`	purl2cpe	2026-06-01 10:18:07.008005
`pkg:rpm/opensuse/python-zodb3`	purl2cpe	2026-06-01 10:18:07.008006

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2010-3495`	vulnerable	2026-06-08 04:55:14.865780	Details available Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492. Published: 2010-10-19T19:00:00.000Z Updated: 2024-08-07T03:11:44.310Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2010/09/11/2 https://bugs.launchpad.net/zodb/+bug/135108 http://pypi.python.org/pypi/ZODB3/3.10.0#id1 http://www.openwall.com/lists/oss-security/2010/09/24/3 http://www.openwall.com/lists/oss-security/2010/09/22/3	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-2701`	vulnerable	2026-06-08 04:51:30.132959	Details available Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors. Published: 2009-09-08T18:00:00.000Z Updated: 2024-09-16T20:36:27.354Z Open on db.gcve.eu Reference links https://mail.zope.org/pipermail/zope-announce/2009-September/002221.html http://pypi.python.org/pypi/ZODB3/3.8.3 http://www.vupen.com/english/advisories/2009/2534 http://pypi.python.org/pypi/ZODB3/3.9.0c2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-0669`	vulnerable	2026-06-08 04:51:10.755975	Details available Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol. Published: 2009-08-07T19:00:00.000Z Updated: 2024-08-07T04:40:05.323Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2009/2217 http://secunia.com/advisories/36204 http://osvdb.org/56826 https://exchange.xforce.ibmcloud.com/vulnerabilities/52379 http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-0668`	vulnerable	2026-06-08 04:51:10.754540	Details available Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol. Published: 2009-08-07T19:00:00.000Z Updated: 2024-08-07T04:40:05.110Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2009/2217 http://secunia.com/advisories/36204 https://exchange.xforce.ibmcloud.com/vulnerabilities/52377 http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2 http://secunia.com/advisories/36205	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.