PYSEC-2014-76
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/zope2/PYSEC-2014-76.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2014-76
- Aliases
-
- CVE-2012-6661
- GHSA-48vv-2pmq-9fvv
- PYSEC-2014-51
- Published
- 2014-11-03T22:55:00Z
- Modified
- 2023-11-01T04:44:55.560604Z
- Summary
- [none]
- Details
-
Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2).
- References
-
- https://plone.org/products/plone/security/advisories/20121106/24
- https://plone.org/products/plone-hotfix/releases/20121124
- https://bugs.launchpad.net/zope2/+bug/1071067
- http://www.openwall.com/lists/oss-security/2012/11/10/1
- https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
- https://github.com/advisories/GHSA-48vv-2pmq-9fvv
Affected packages
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.13.19
Affected versions
2.*
2.12.0.a1
2.12.0a2
2.12.0a3
2.12.0a4
2.12.0b1
2.12.0b2
2.12.0b3
2.12.0b4
2.12.0c1
2.12.0
2.12.1
2.12.2
2.12.3
2.12.4
2.12.5
2.12.6
2.12.7
2.12.8
2.12.9
2.12.10
2.12.11
2.12.12
2.12.13
2.12.14
2.12.15
2.12.16
2.12.17
2.12.18
2.12.19
2.12.20
2.12.21
2.12.22
2.12.23
2.12.24
2.12.25
2.12.26
2.12.27
2.12.28
2.13.0a1
2.13.0a2
2.13.0a3
2.13.0a4
2.13.0b1
2.13.0c1
2.13.0
2.13.1
2.13.2
2.13.3
2.13.4
2.13.5
2.13.6
2.13.7
2.13.8
2.13.9
2.13.10
2.13.11
2.13.12
2.13.13
2.13.14
2.13.15
2.13.16
2.13.17
2.13.18