Critical severityNVD Advisory· Published Aug 7, 2009· Updated Jun 16, 2026
CVE-2009-0668
CVE-2009-0668
Description
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ZODB3PyPI | < 3.8.2 | 3.8.2 |
Affected products
19cpe:2.3:a:zope:zodb:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:zope:zodb:*:*:*:*:*:*:*:*range: <=3.8.1
- cpe:2.3:a:zope:zodb:2.10.9:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:2.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:2.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:2.9.11:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zodb:3.8.0:*:*:*:*:*:*:*
- osv-coords2 versions
< 1:3.8.2-1+ 1 more
- (no CPE)range: < 1:3.8.2-1
- (no CPE)range: < 3.8.2
Patches
Vulnerability mechanics
References
14- secunia.com/advisories/36204nvdVendor Advisory
- secunia.com/advisories/36205nvdVendor Advisory
- github.com/advisories/GHSA-4x83-5gw5-q346ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2009-0668ghsaADVISORY
- mail.zope.org/pipermail/zope-announce/2009-August/002220.htmlnvdWEB
- pypi.python.org/pypi/ZODB3/3.8.2nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/52377nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yamlghsaWEB
- web.archive.org/web/20151023102330/http://secunia.com/advisories/36204ghsaWEB
- web.archive.org/web/20151023102336/http://secunia.com/advisories/36205ghsaWEB
- web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987ghsaWEB
- osvdb.org/56827nvd
- www.securityfocus.com/bid/35987nvd
- www.vupen.com/english/advisories/2009/2217nvd
News mentions
0No linked articles in our index yet.