GCVE - cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*

part: a version: 2.13.0 update: *

Vendor	Zope (`400d8950-2847-5748-8fcd-7612c2170a9a`)
Product	Zope (`0a3941f2-1c45-5687-af62-1666d59c833f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-5489`	vulnerable	2026-06-08 05:02:56.779009	Details available The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors. Published: 2014-09-30T14:00:00.000Z Updated: 2024-08-06T21:05:47.309Z Open on db.gcve.eu Reference links https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt http://www.openwall.com/lists/oss-security/2012/11/10/1 https://plone.org/products/plone/security/advisories/20121106/05 https://bugs.launchpad.net/zope2/+bug/1079238 https://plone.org/products/plone-hotfix/releases/20121106	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-3587`	vulnerable	2026-06-08 04:59:26.500882	Details available Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules. Published: 2011-10-10T10:00:00.000Z Updated: 2024-08-06T23:37:48.380Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=742297 http://secunia.com/advisories/46221 http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0 http://secunia.com/advisories/46323 http://plone.org/products/plone/security/advisories/20110928	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-2528`	vulnerable	2026-06-08 04:58:07.473944	Details available Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720. Published: 2011-07-19T20:00:00.000Z Updated: 2024-08-06T23:08:21.987Z Open on db.gcve.eu Reference links http://secunia.com/advisories/45056 http://plone.org/products/plone/security/advisories/20110622 https://bugzilla.redhat.com/show_bug.cgi?id=718824 http://www.openwall.com/lists/oss-security/2011/07/12/9 https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.