Critical severityNVD Advisory· Published Nov 7, 2007· Updated Jun 16, 2026
CVE-2007-5741
CVE-2007-5741
Description
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
PlonePyPI | >= 2.5, < 2.5.5 | 2.5.5 |
PlonePyPI | >= 3.0, < 3.0.3 | 3.0.3 |
Affected products
9cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:2.5.1_rc:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:2.5_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
16- secunia.com/advisories/27530nvdPatchVendor Advisory
- www.securityfocus.com/bid/26354nvdPatch
- github.com/advisories/GHSA-hf26-vvmx-x8c8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-5741ghsaADVISORY
- plone.org/about/security/advisories/cve-2007-5741nvdWEB
- www.debian.org/security/2007/dsa-1405nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/38288nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2007-4.yamlghsaWEB
- web.archive.org/web/20080507055819/https://plone.org/about/security/advisories/cve-2007-5741ghsaWEB
- web.archive.org/web/20080517012557/http://www.securityfocus.com/bid/26354ghsaWEB
- web.archive.org/web/20080906150436/http://www.securityfocus.com/archive/1/483343/100/0/threadedghsaWEB
- osvdb.org/42071nvd
- osvdb.org/42072nvd
- secunia.com/advisories/27559nvd
- www.securityfocus.com/archive/1/483343/100/0/threadednvd
- www.vupen.com/english/advisories/2007/3754nvd
News mentions
0No linked articles in our index yet.