VDB
EN

PYSEC-2026-756

Zope allows attackers to modify raw image and file data

상세

Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / zope
최초 영향 버전: 2.2.0

No fixed version published yet for zope (pip). Pin to a known-safe version or switch to an alternative.

참고