PyPI package
products.cmfcore
pkg:pypi/products.cmfcore
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-36814 | — | >= 3.0, < 3.2 | 3.2 | Jul 3, 2023 | Products.CMFCore are the key framework services for the Zope Content Management Framework (CMF). The use of Python's marshal module to handle unchecked input in a public method on `PortalFolder` objects can lead to an unauthenticated denial of service and crash situation. The cod | ||
| CVE-2021-33507 | — | < 2.5.1 | 2.5.1 | May 21, 2021 | Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS. |
- CVE-2023-36814Jul 3, 2023affected >= 3.0, < 3.2fixed 3.2
Products.CMFCore are the key framework services for the Zope Content Management Framework (CMF). The use of Python's marshal module to handle unchecked input in a public method on `PortalFolder` objects can lead to an unauthenticated denial of service and crash situation. The cod
- CVE-2021-33507May 21, 2021affected < 2.5.1fixed 2.5.1
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.