5 matches found
EUVD-2022-1752
Malicious code in bioql PyPI...
PYSEC-2023-118
RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...
GHSA-H2XH-JVPF-XQ42 Zope does not properly perform security registration for legacy names
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities...
Zope does not properly perform security registration for legacy names
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities...
Mandrake Linux Security Advisory : Zope (MDKSA-2000:083)
There is an issue involving security registration of 'legacy' names for certain object constructors such as the constructors for DTML Method Objects. Security was not being applied correctly for the legacy names, making it possible to call those constructors without the permissions that should ha...