CVE-2021-32674: Remote Code Execution via traversal in TAL expressions

(updated )

This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities.

References

Code Behaviors & Features

Detect and mitigate CVE-2021-32674 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →