{"id":"PYSEC-2011-32","details":"Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a \"highly serious vulnerability.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.","aliases":["CVE-2011-2528","GHSA-p6h9-hpcg-c6gm","PYSEC-2011-25"],"modified":"2026-05-21T15:00:25.806747002Z","published":"2011-07-19T20:55:01.197Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/45056"},{"type":"ADVISORY","url":"http://secunia.com/advisories/45111"},{"type":"FIX","url":"http://plone.org/products/plone-hotfix/releases/20110622"},{"type":"FIX","url":"http://plone.org/products/plone/security/advisories/20110622"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2011/07/04/6"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2011/07/12/9"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=718824"},{"type":"FIX","url":"https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html"}],"affected":[{"package":{"name":"plone","ecosystem":"PyPI","purl":"pkg:pypi/plone"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"3.0"},{"last_affected":"3.0.1"},{"last_affected":"3.0.2"},{"last_affected":"3.0.3"},{"last_affected":"3.0.4"},{"last_affected":"3.0.5"},{"last_affected":"3.0.6"},{"last_affected":"3.1"},{"last_affected":"3.1.1"},{"last_affected":"3.1.2"},{"last_affected":"3.1.3"},{"last_affected":"3.1.4"},{"last_affected":"3.1.5.1"},{"last_affected":"3.1.6"},{"last_affected":"3.1.7"},{"last_affected":"3.2"},{"last_affected":"3.2.1"},{"last_affected":"3.2.2"},{"last_affected":"3.2.3"},{"last_affected":"3.3"},{"last_affected":"3.3.1"},{"last_affected":"3.3.2"},{"last_affected":"3.3.3"},{"last_affected":"3.3.4"},{"last_affected":"3.3.5"},{"last_affected":"3.3.6"},{"last_affected":"4.0"},{"last_affected":"4.0.1"},{"last_affected":"4.0.2"},{"last_affected":"4.0.3"},{"last_affected":"4.0.4"},{"last_affected":"4.0.5"},{"last_affected":"4.0.6.1"},{"last_affected":"4.0.7"},{"last_affected":"4.0.8"},{"last_affected":"4.1"},{"last_affected":"2.12.0"},{"last_affected":"2.12.0-a1"},{"last_affected":"2.12.0-a2"},{"last_affected":"2.12.0-a3"},{"last_affected":"2.12.0-a4"},{"last_affected":"2.12.0-b1"},{"last_affected":"2.12.0-b2"},{"last_affected":"2.12.0-b3"},{"last_affected":"2.12.0-b4"},{"last_affected":"2.12.1"},{"last_affected":"2.12.2"},{"last_affected":"2.12.3"},{"last_affected":"2.12.4"},{"last_affected":"2.12.5"},{"last_affected":"2.12.6"},{"last_affected":"2.12.7"},{"last_affected":"2.12.8"},{"last_affected":"2.12.9"},{"last_affected":"2.12.10"},{"last_affected":"2.12.11"},{"last_affected":"2.12.12"},{"last_affected":"2.12.13"},{"last_affected":"2.12.14"},{"last_affected":"2.12.15"},{"last_affected":"2.12.16"},{"last_affected":"2.12.17"},{"last_affected":"2.12.18"},{"last_affected":"2.13.0"},{"last_affected":"2.13.0-a1"},{"last_affected":"2.13.0-a2"},{"last_affected":"2.13.0-a3"},{"last_affected":"2.13.0-a4"},{"last_affected":"2.13.0-b1"},{"last_affected":"2.13.0-c1"},{"last_affected":"2.13.1"},{"last_affected":"2.13.2"},{"last_affected":"2.13.3"},{"last_affected":"2.13.4"},{"last_affected":"2.13.5"},{"last_affected":"2.13.6"},{"last_affected":"2.13.7"}]}],"versions":["3.2","3.2.1","3.2.2","3.2.3","3.3","3.3.1","3.3.2","3.3.3","3.3.4","3.3.5","3.3.6","4.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.7","4.0.8","4.1"],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2011-32.yaml"}}],"schema_version":"1.7.5"}