PYSEC-2014-40
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2014-40.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2014-40
- Aliases
-
- CVE-2012-5498
- GHSA-97rj-p794-wq6m
- Published
- 2014-09-30T14:55:00Z
- Modified
- 2023-11-01T04:44:52.169347Z
- Summary
- [none]
- Details
-
queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.
- References
-
- http://www.openwall.com/lists/oss-security/2012/11/10/1
- https://plone.org/products/plone-hotfix/releases/20121106
- http://www.openwall.com/lists/oss-security/2012/11/09/7
- https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
- https://plone.org/products/plone/security/advisories/20121106/14
- http://rhn.redhat.com/errata/RHSA-2014-1194.html
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.2.3Introduced4.3a0Fixed4.3b1
Affected versions
3.*
3.2a1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.3b1
3.3rc1
3.3rc2
3.3rc3
3.3rc4
3.3rc5
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0b1
4.0b2
4.0b3
4.0b4
4.0b5
4.0rc1
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc2
4.1rc3
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2a1
4.2a2
4.2b1
4.2b2
4.2rc1
4.2rc2
4.2
4.2.1
4.2.2
4.3a1
4.3a2