CVE-2009-0668: Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers
(updated )
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
References
- exchange.xforce.ibmcloud.com/vulnerabilities/52377
- github.com/advisories/GHSA-4x83-5gw5-q346
- github.com/pypa/advisory-database/tree/main/vulns/zodb3/PYSEC-2009-8.yaml
- github.com/zopefoundation/ZODB3
- nvd.nist.gov/vuln/detail/CVE-2009-0668
- web.archive.org/web/20151023102330/http://secunia.com/advisories/36204
- web.archive.org/web/20151023102336/http://secunia.com/advisories/36205
- web.archive.org/web/20200229152709/http://www.securityfocus.com/bid/35987
Detect and mitigate CVE-2009-0668 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →