Lucene search
K

4 matches found

CNNVD
CNNVD
added 2021/05/21 12:0 a.m.5 views

Plone 代码问题漏洞

Plone is the Plone Foundation's open source content management system running on the Zope application server. A server-side request forgery vulnerability exists in Plone 5.2.4 and earlier versions. An attacker can exploit this vulnerability to initiate a server-side request using the lxml parser...

7.5CVSS7.4AI score0.01195EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2021/04/07 9:14 p.m.7 views

plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28736 via plone-app-dexterity (=2.5.2)

plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28736 Source advisory: OSV:GHSA-2C8C-84W2-J38J...

8.8CVSS7.2AI score0.01066EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/07 9:13 p.m.6 views

plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28735 via plone-app-dexterity (=2.5.2)

plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28735 Source advisory: OSV:GHSA-X7WF-5MJC-6X76...

8.8CVSS7.2AI score0.01066EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/07 9:13 p.m.3 views

plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28734 via plone-app-dexterity (=2.5.2)

plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28734 Source advisory: OSV:GHSA-WQ6X-G685-W5F2...

8.8CVSS7.2AI score0.01066EPSS
Exploits0
Rows per page
Query Builder