Accesscontrol Security Vulnerabilities and Issues — Accesscontrol CVE List

Lucene search

ZopefoundationAccesscontrol

3 matches found

CVE•added 2021/07/30 10:15 p.m.•109 views

CVE-2021-32807

The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script (Python) objects. The policies defined in AccessControl severely restrict access to...

7.2CVSS6AI score0.01883EPSS

CVE•added 2024/11/04 11:15 p.m.•48 views

CVE-2024-51734

Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder which may prevent any privileged access. This problem has been fixed in version 7.2. Users are advised to upgr...

8.7CVSS3.7AI score0.00131EPSS

CVE•added 2023/09/06 6:15 p.m.•41 views

CVE-2023-41050

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use ...

7.7CVSS7AI score0.00235EPSS