{"id":"PYSEC-2006-8","details":"The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.","aliases":["CVE-2006-4684","GHSA-hm8g-jxjj-gfm3"],"modified":"2026-06-10T17:00:28.510260188Z","published":"2006-09-19T18:07:00Z","withdrawn":"2024-11-22T04:37:05Z","references":[{"type":"WEB","url":"http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"},{"type":"FIX","url":"http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"},{"type":"FIX","url":"http://www.debian.org/security/2006/dsa-1176"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1176"},{"type":"FIX","url":"http://secunia.com/advisories/21947"},{"type":"ADVISORY","url":"http://secunia.com/advisories/21947"},{"type":"FIX","url":"http://secunia.com/advisories/21953"},{"type":"ADVISORY","url":"http://secunia.com/advisories/21953"},{"type":"WEB","url":"http://www.securityfocus.com/bid/20022"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/3653"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-hm8g-jxjj-gfm3"}],"affected":[{"package":{"name":"zope2","ecosystem":"PyPI","purl":"pkg:pypi/zope2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.12.0","2.12.0.a1","2.12.0a2","2.12.0a3","2.12.0a4","2.12.0b1","2.12.0b2","2.12.0b3","2.12.0b4","2.12.0c1","2.12.1","2.12.10","2.12.11","2.12.12","2.12.13","2.12.14","2.12.15","2.12.16","2.12.17","2.12.18","2.12.19","2.12.2","2.12.20","2.12.21","2.12.22","2.12.23","2.12.24","2.12.25","2.12.26","2.12.27","2.12.28","2.12.3","2.12.4","2.12.5","2.12.6","2.12.7","2.12.8","2.12.9","2.13.0","2.13.0a1","2.13.0a2","2.13.0a3","2.13.0a4","2.13.0b1","2.13.0c1","2.13.1","2.13.10","2.13.11","2.13.12","2.13.13","2.13.14","2.13.15","2.13.16","2.13.17","2.13.18","2.13.19","2.13.2","2.13.20","2.13.21","2.13.22","2.13.23","2.13.24","2.13.25","2.13.26","2.13.27","2.13.28","2.13.29","2.13.3","2.13.30","2.13.4","2.13.5","2.13.6","2.13.7","2.13.8","2.13.9","4.0","4.0a1","4.0a2","4.0a3","4.0a4","4.0a5","4.0a6","4.0b1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/zope2/PYSEC-2006-8.yaml"}}],"schema_version":"1.7.5"}