Lucene search

K

Accesscontrol Security Vulnerabilities

cve
cve

CVE-2021-32807

The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script (Python) objects. The policies defined in AccessControl severely restrict access to...

7.2CVSS

7.1AI Score

0.009EPSS

2021-07-30 10:15 PM
92
2
cve
cve

CVE-2021-32811

Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional Produ...

7.5CVSS

7.2AI Score

0.009EPSS

2021-08-02 10:15 PM
50
4
cve
cve

CVE-2023-41050

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use ...

7.7CVSS

7.5AI Score

0.001EPSS

2023-09-06 06:15 PM
20