PYSEC-2017-81
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2017-81.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2017-81
- Aliases
- Published
- 2017-03-23T16:59:00Z
- Modified
- 2023-11-01T04:48:12.296632Z
- Summary
- [none]
- Details
-
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.
- References
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.12Introduced5.0a1Fixed5.0.7
Affected versions
3.*
3.2a1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.3b1
3.3rc1
3.3rc2
3.3rc3
3.3rc4
3.3rc5
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0b1
4.0b2
4.0b3
4.0b4
4.0b5
4.0rc1
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc2
4.1rc3
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2a1
4.2a2
4.2b1
4.2b2
4.2rc1
4.2rc2
4.2
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.3a1
4.3a2
4.3b1
4.3b2
4.3rc1
4.3
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.8
4.3.9
4.3.10
4.3.11
5.*
5.0a1
5.0a2
5.0a3
5.0b1
5.0b2
5.0b3
5.0b4
5.0rc1
5.0rc2
5.0rc3
5.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6