GCVE - cpe:2.3:a:zope:zope:2.1.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zope:zope:2.1.1:*:*:*:*:*:*:*

part: a version: 2.1.1 update: *

Vendor	Zope (`400d8950-2847-5748-8fcd-7612c2170a9a`)
Product	Zope (`0a3941f2-1c45-5687-af62-1666d59c833f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/zopefoundation/zope`	purl2cpe	2026-06-01 10:18:07.059040
`pkg:pypi/zope`	purl2cpe	2026-06-01 10:18:07.059041
`pkg:sourceforge/zope`	purl2cpe	2026-06-01 10:18:07.059043

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-5102`	vulnerable	2026-06-08 04:50:49.537511	Details available PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements. Published: 2008-11-17T18:00:00.000Z Updated: 2024-08-07T10:40:17.174Z Open on db.gcve.eu Reference links http://mail.zope.org/pipermail/zope/2008-August/174025.html http://bugs.gentoo.org/show_bug.cgi?id=246411 https://bugs.launchpad.net/zope2/+bug/257269 http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txt http://www.zope.org/Products/Zope/Hotfix-2008-08-12/Hotfix_20080812-1.1.0.tar.gz	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0725`	vulnerable	2026-06-08 04:45:18.678220	Details available Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:41.342Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2000-08/0259.html http://www.debian.org/security/2000/20000821 http://www.securityfocus.com/bid/1577 http://www.zope.org/Products/Zope/Hotfix_08_09_2000/security_alert http://www.redhat.com/support/errata/RHSA-2000-052.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0483`	vulnerable	2026-06-08 04:45:18.135371	Details available The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:21:30.650Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2000-06/0144.html https://exchange.xforce.ibmcloud.com/vulnerabilities/4716 http://archives.neohapsis.com/archives/bugtraq/2000-07/0412.html ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A38.zope.asc http://www.redhat.com/support/errata/RHSA-2000-038.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0062`	vulnerable	2026-06-08 04:44:58.378902	Details available The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. Published: 2000-04-18T04:00:00.000Z Updated: 2024-08-08T05:05:53.919Z Open on db.gcve.eu Reference links http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000104222219.B41650%40schvin.net http://www.securityfocus.com/bid/922	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.