CVE-2011-2528: High severity vulnerability that affects Plone and Zope2
(updated )
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a “highly serious vulnerability.” NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.
References
- bugzilla.redhat.com/show_bug.cgi?id=718824
- github.com/advisories/GHSA-p6h9-hpcg-c6gm
- github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-25.yaml
- mail.zope.org/pipermail/zope-announce/2011-June/002260.html
- nvd.nist.gov/vuln/detail/CVE-2011-2528
- plone.org/products/plone-hotfix/releases/20110622
- plone.org/products/plone/security/advisories/20110622
- www.openwall.com/lists/oss-security/2011/07/04/6
- www.openwall.com/lists/oss-security/2011/07/12/9
Detect and mitigate CVE-2011-2528 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →