GoogleOSV:GHSA-QH4Q-FWF8-QQRWZope Denial of Service (DoS) vulnerability in ZServer
7 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.014 Low
EPSS
Percentile
86.0%
ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions.
References
www.zope.org/Products/Zope/2.10.12/CHANGES.txt
www.zope.org/Products/Zope/2.11.7/CHANGES.txt
bugs.launchpad.net/zope2/+bug/627988
github.com/zopefoundation/Zope
github.com/zopefoundation/Zope/commit/0f2f56f63e4a4d695ee670e02b317e900550dbac
github.com/zopefoundation/Zope/commit/e03a5f036d42ed2426886c9035fe018eeec65de4
mail.zope.org/pipermail/zope-announce/2010-September/002247.html
nvd.nist.gov/vuln/detail/CVE-2010-3198
web.archive.org/web/20200229173503/www.securityfocus.com/bid/42939
Related
7 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.014 Low
EPSS
Percentile
86.0%