GCVE - cpe:2.3:a:zope:zope:2.2.0a1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zope:zope:2.2.0a1:*:*:*:*:*:*:*

part: a version: 2.2.0a1 update: *

Vendor	Zope (`400d8950-2847-5748-8fcd-7612c2170a9a`)
Product	Zope (`0a3941f2-1c45-5687-af62-1666d59c833f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/zopefoundation/zope`	purl2cpe	2026-06-01 10:18:07.119961
`pkg:pypi/zope`	purl2cpe	2026-06-01 10:18:07.119963
`pkg:sourceforge/zope`	purl2cpe	2026-06-01 10:18:07.119964

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-5102`	vulnerable	2026-06-08 04:50:49.543148	Details available PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements. Published: 2008-11-17T18:00:00.000Z Updated: 2024-08-07T10:40:17.174Z Open on db.gcve.eu Reference links http://mail.zope.org/pipermail/zope/2008-August/174025.html http://bugs.gentoo.org/show_bug.cgi?id=246411 https://bugs.launchpad.net/zope2/+bug/257269 http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txt http://www.zope.org/Products/Zope/Hotfix-2008-08-12/Hotfix_20080812-1.1.0.tar.gz	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-1212`	vulnerable	2026-06-08 04:45:19.466220	Details available Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T05:45:37.325Z Open on db.gcve.eu Reference links http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:086 http://www.zope.org/Products/Zope/Hotfix_2000-12-18/security_alert http://www.debian.org/security/2001/dsa-007 http://www.redhat.com/support/errata/RHSA-2000-135.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5778	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-1211`	vulnerable	2026-06-08 04:45:19.461290	Details available Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T05:45:37.457Z Open on db.gcve.eu Reference links http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3 http://www.iss.net/security_center/static/5824.php http://www.redhat.com/support/errata/RHSA-2000-125.html http://www.osvdb.org/6282	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.