{"package":"Zope2","ecosystem":"pypi","latest_version":"4.0","description":"Zope application server / web framework","license":"ZPL 2.1","license_risk":"unknown","commercial_use_notes":"verify manually — license not parseable / not declared.","homepage":"https://zope.readthedocs.io/en/latest/","repository":"","downloads_weekly":0,"health":{"score":22,"risk":"critical","breakdown":{"maintenance":0,"popularity":0,"security":5,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":4,"critical":0,"high":4,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2012-5507","severity":"high","summary":"Plone and Zope2 affected by Race Condition","affected_versions":"<2.13.19|>=3.2.2,<4.2.3|>=4.3a1,<4.3b1|=2.12.0|=2.12.0.a1|=2.12.0a2|=2.12.0a3|=2.12.0a4|=2.12.0b1|=2.12.0b2|=2.12.0b3|=2.12.0b4|=2.12.0c1|=2.12.1|=2.12.10|=2.12.11|=2.12.12|=2.12.13|=2.12.14|=2.12.15|=2.12.16|=2.12.17|=2.12.18|=2.12.19|=2.12.2|=2.12.20|=2.12.21|=2.12.22|=2.12.23|=2.12.24|=2.12.25|=2.12.26|=2.12.27|=2.12.28|=2.12.3|=2.12.4|=2.12.5|=2.12.6|=2.12.7|=2.12.8|=2.12.9|=2.13.0|=2.13.0a1|=2.13.0a2|=2.13.0a3|=2.13.0a4|=2.13.0b1|=2.13.0c1|=2.13.1|=2.13.10|=2.13.11|=2.13.12|=2.13.13|=2.13.14|=2.13.15|=2.13.16|=2.13.17|=2.13.18|=2.13.2|=2.13.3|=2.13.4|=2.13.5|=2.13.6|=2.13.7|=2.13.8|=2.13.9|=3.2.2|=3.2.3|=3.3|=3.3.1|=3.3.2|=3.3.3|=3.3.4|=3.3.5|=3.3.6|=3.3b1|=3.3rc1|=3.3rc2|=3.3rc3|=3.3rc4|=3.3rc5|=4.0|=4.0.1|=4.0.10|=4.0.2|=4.0.3|=4.0.4|=4.0.5|=4.0.6|=4.0.7|=4.0.8|=4.0.9|=4.0a1|=4.0a2|=4.0a3|=4.0a4|=4.0a5|=4.0b1|=4.0b2|=4.0b3|=4.0b4|=4.0b5|=4.0rc1|=4.1|=4.1.1|=4.1.2|=4.1.3|=4.1.4|=4.1.5|=4.1.6|=4.1a1|=4.1a2|=4.1a3|=4.1b1|=4.1b2|=4.1rc2|=4.1rc3|=4.2|=4.2.1|=4.2.2|=4.2a1|=4.2a2|=4.2b1|=4.2b2|=4.2rc1|=4.2rc2|=4.3a1|=4.3a2","fixed_version":"4.3b1","source":"osv","published_at":"2018-07-23T19:51:02Z","in_kev":false,"epss_prob":0.00276,"epss_percentile":0.51024,"threat_tier":"theoretical"},{"vuln_id":"CVE-2012-6661","severity":"high","summary":"Plone and Zope2 do not reseed pseudo-random number generator","affected_versions":"<2.13.19|>=3.2.2,<4.2.3|>=4.3a1,<4.3b1|=2.12.0|=2.12.0.a1|=2.12.0a2|=2.12.0a3|=2.12.0a4|=2.12.0b1|=2.12.0b2|=2.12.0b3|=2.12.0b4|=2.12.0c1|=2.12.1|=2.12.10|=2.12.11|=2.12.12|=2.12.13|=2.12.14|=2.12.15|=2.12.16|=2.12.17|=2.12.18|=2.12.19|=2.12.2|=2.12.20|=2.12.21|=2.12.22|=2.12.23|=2.12.24|=2.12.25|=2.12.26|=2.12.27|=2.12.28|=2.12.3|=2.12.4|=2.12.5|=2.12.6|=2.12.7|=2.12.8|=2.12.9|=2.13.0|=2.13.0a1|=2.13.0a2|=2.13.0a3|=2.13.0a4|=2.13.0b1|=2.13.0c1|=2.13.1|=2.13.10|=2.13.11|=2.13.12|=2.13.13|=2.13.14|=2.13.15|=2.13.16|=2.13.17|=2.13.18|=2.13.2|=2.13.3|=2.13.4|=2.13.5|=2.13.6|=2.13.7|=2.13.8|=2.13.9|=3.2.2|=3.2.3|=3.3|=3.3.1|=3.3.2|=3.3.3|=3.3.4|=3.3.5|=3.3.6|=3.3b1|=3.3rc1|=3.3rc2|=3.3rc3|=3.3rc4|=3.3rc5|=4.0|=4.0.1|=4.0.10|=4.0.2|=4.0.3|=4.0.4|=4.0.5|=4.0.6|=4.0.7|=4.0.8|=4.0.9|=4.0a1|=4.0a2|=4.0a3|=4.0a4|=4.0a5|=4.0b1|=4.0b2|=4.0b3|=4.0b4|=4.0b5|=4.0rc1|=4.1|=4.1.1|=4.1.2|=4.1.3|=4.1.4|=4.1.5|=4.1.6|=4.1a1|=4.1a2|=4.1a3|=4.1b1|=4.1b2|=4.1rc2|=4.1rc3|=4.2|=4.2.1|=4.2.2|=4.2a1|=4.2a2|=4.2b1|=4.2b2|=4.2rc1|=4.2rc2|=4.3a1|=4.3a2","fixed_version":"4.3b1","source":"osv","published_at":"2018-07-23T19:51:14Z","in_kev":false,"epss_prob":0.00403,"epss_percentile":0.60893,"threat_tier":"theoretical"},{"vuln_id":"CVE-2012-5486","severity":"high","summary":"HTTP header injection in Plone and Zope2","affected_versions":"<2.13.19|>=3.3.2,<4.2.3|>=4.3a1,<4.3b1|=2.12.0|=2.12.0.a1|=2.12.0a2|=2.12.0a3|=2.12.0a4|=2.12.0b1|=2.12.0b2|=2.12.0b3|=2.12.0b4|=2.12.0c1|=2.12.1|=2.12.10|=2.12.11|=2.12.12|=2.12.13|=2.12.14|=2.12.15|=2.12.16|=2.12.17|=2.12.18|=2.12.19|=2.12.2|=2.12.20|=2.12.21|=2.12.22|=2.12.23|=2.12.24|=2.12.25|=2.12.26|=2.12.27|=2.12.28|=2.12.3|=2.12.4|=2.12.5|=2.12.6|=2.12.7|=2.12.8|=2.12.9|=2.13.0|=2.13.0a1|=2.13.0a2|=2.13.0a3|=2.13.0a4|=2.13.0b1|=2.13.0c1|=2.13.1|=2.13.10|=2.13.11|=2.13.12|=2.13.13|=2.13.14|=2.13.15|=2.13.16|=2.13.17|=2.13.18|=2.13.2|=2.13.3|=2.13.4|=2.13.5|=2.13.6|=2.13.7|=2.13.8|=2.13.9|=3.3.2|=3.3.3|=3.3.4|=3.3.5|=3.3.6|=4.0|=4.0.1|=4.0.10|=4.0.2|=4.0.3|=4.0.4|=4.0.5|=4.0.6|=4.0.7|=4.0.8|=4.0.9|=4.0a1|=4.0a2|=4.0a3|=4.0a4|=4.0a5|=4.0b1|=4.0b2|=4.0b3|=4.0b4|=4.0b5|=4.0rc1|=4.1|=4.1.1|=4.1.2|=4.1.3|=4.1.4|=4.1.5|=4.1.6|=4.1a1|=4.1a2|=4.1a3|=4.1b1|=4.1b2|=4.1rc2|=4.1rc3|=4.2|=4.2.1|=4.2.2|=4.2a1|=4.2a2|=4.2b1|=4.2b2|=4.2rc1|=4.2rc2|=4.3a1|=4.3a2","fixed_version":"4.3b1","source":"osv","published_at":"2018-07-23T19:51:50Z","in_kev":false,"epss_prob":0.00821,"epss_percentile":0.74469,"threat_tier":"theoretical"},{"vuln_id":"CVE-2012-5489","severity":"high","summary":"Plone and Zope2 vulnerable to unauthorized access to restricted attributes","affected_versions":"<2.12.21|>=2.13.0,<2.13.11|>=3.2.2,<4.2.3|>=4.3a1,<4.3b1|=2.12.0|=2.12.0.a1|=2.12.0a2|=2.12.0a3|=2.12.0a4|=2.12.0b1|=2.12.0b2|=2.12.0b3|=2.12.0b4|=2.12.0c1|=2.12.1|=2.12.10|=2.12.11|=2.12.12|=2.12.13|=2.12.14|=2.12.15|=2.12.16|=2.12.17|=2.12.18|=2.12.19|=2.12.2|=2.12.20|=2.12.3|=2.12.4|=2.12.5|=2.12.6|=2.12.7|=2.12.8|=2.12.9|=2.13.0|=2.13.1|=2.13.10|=2.13.2|=2.13.3|=2.13.4|=2.13.5|=2.13.6|=2.13.7|=2.13.8|=2.13.9|=3.2.2|=3.2.3|=3.3|=3.3.1|=3.3.2|=3.3.3|=3.3.4|=3.3.5|=3.3.6|=3.3b1|=3.3rc1|=3.3rc2|=3.3rc3|=3.3rc4|=3.3rc5|=4.0|=4.0.1|=4.0.10|=4.0.2|=4.0.3|=4.0.4|=4.0.5|=4.0.6|=4.0.7|=4.0.8|=4.0.9|=4.0a1|=4.0a2|=4.0a3|=4.0a4|=4.0a5|=4.0b1|=4.0b2|=4.0b3|=4.0b4|=4.0b5|=4.0rc1|=4.1|=4.1.1|=4.1.2|=4.1.3|=4.1.4|=4.1.5|=4.1.6|=4.1a1|=4.1a2|=4.1a3|=4.1b1|=4.1b2|=4.1rc2|=4.1rc3|=4.2|=4.2.1|=4.2.2|=4.2a1|=4.2a2|=4.2b1|=4.2b2|=4.2rc1|=4.2rc2|=4.3a1|=4.3a2","fixed_version":"4.3b1","source":"osv","published_at":"2018-07-23T19:52:06Z","in_kev":false,"epss_prob":0.00575,"epss_percentile":0.68818,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"4.0","total_count":83,"recent":["2.13.19","2.13.20","2.13.21","2.13.22","2.13.23","2.13.24","2.13.25","2.13.26","2.13.27","2.13.28","2.13.29","2.13.30","4.0a1","4.0a2","4.0a3","4.0a4","4.0a5","4.0a6","4.0b1","4.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2019-05-10T13:33:13.765471Z","dependencies_count":0,"dependencies":[]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["Low health score (22/100)","4 high severity vulnerabilities"],"use_version":"4.0","version_hint":"Update to >= 4.3b1 to fix known vulnerabilities","summary":"Zope2@4.0 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":2545,"avg_days_between_releases":null,"release_velocity":"stale"}}