Lucene search
GoogleOSV:GHSA-P5WR-VP8G-Q5P4HistoryJul 12, 2018 - 2:45 p.m.
Plone Sandbox Escape
2018-07-1214:45:15
Google
osv.dev
7
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.
References
www.openwall.com/lists/oss-security/2017/01/18/6
www.securityfocus.com/bid/95679
github.com/advisories/GHSA-p5wr-vp8g-q5p4
github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f
github.com/plone/Products.CMFPlone/pull/1912
nvd.nist.gov/vuln/detail/CVE-2017-5524
plone.org/security/hotfix/20170117/sandbox-escape
Related
prion
prion
Format string
2017-03-23 16:59:00
redhatcve
redhatcve
CVE-2017-5524
2017-03-28 11:47:56
nvd
nvd
CVE-2017-5524
2017-03-23 16:59:00
cvelist
cvelist
CVE-2017-5524
2017-03-23 16:00:00
osv
osv
PYSEC-2017-81
2017-03-23 16:59:00
CVE-2017-5524
2017-03-23 16:59:00
veracode
veracode
Sandbox Escape
2017-01-18 07:28:50
cve
cve
CVE-2017-5524
2017-03-23 16:59:00
github
github
Plone Sandbox Escape
2018-07-12 14:45:15
openvas
openvas
Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities
2016-10-31 00:00:00