—

PYSEC-2009-8

상세

Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / zodb3

최초 영향 버전: 0 수정 버전: 3.8.2

수정 pip install --upgrade 'zodb3>=3.8.2'

참고

http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html [WEB]
http://secunia.com/advisories/36204 [ADVISORY]
http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2 [WEB]
http://secunia.com/advisories/36205 [ADVISORY]
http://osvdb.org/56827 [WEB]
http://www.vupen.com/english/advisories/2009/2217 [ADVISORY]
http://www.securityfocus.com/bid/35987 [WEB]
https://exchange.xforce.ibmcloud.com/vulnerabilities/52377 [WEB]
https://github.com/advisories/GHSA-4x83-5gw5-q346 [ADVISORY]