PYSEC-2009-10

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/zodb3/PYSEC-2009-10.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2009-10
Aliases
Published
2009-09-08T18:30:00Z
Modified
2024-04-22T19:26:46.637151Z
Summary
[none]
Details

Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors.

References

Affected packages

PyPI / zodb3

Package

Name
zodb3
View open source insights on deps.dev
Purl
pkg:pypi/zodb3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.8
Fixed
3.8.3
Introduced
3.9a0
Fixed
3.9.0c2

Affected versions

3.*

3.8.0
3.8.1b1
3.8.1b2
3.8.1b3
3.8.1b4
3.8.1b5
3.8.1b6
3.8.1b7
3.8.1b8
3.8.1b9
3.8.1
3.8.2
3.8.3b1
3.9.0a1
3.9.0a2
3.9.0a3
3.9.0a4
3.9.0a5
3.9.0a6
3.9.0a7
3.9.0a9
3.9.0a10
3.9.0a11
3.9.0a12
3.9.0b1
3.9.0b2
3.9.0b3
3.9.0b4
3.9.0b5
3.9.0c1