oss-sec mailing list archives
CVE Request: Plone Sandbox escape vulnerability
From: Nathan Van Gheem <nathan.van.gheem () plone org>
Date: Tue, 17 Jan 2017 09:06:10 -0600
Dear oss-security List,
Please provide a CVE for the following issue:
Sandbox escape
    Accessing private content via `str.format` in through-the-web templates and scripts. See this blog post by Armin Ronacher (http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/) for the general idea. Since the `format` method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5, not Plone 3.
    Credit: Plone security team, Armin Ronacher
    Reference: https://plone.org/security/hotfix/20170117/sandbox-escape
Versions Affected:
4.3.11 and any earlier 4.x version, 5.0.6 and any earlier 5.x version
Code fixes:
https://pypi.python.org/pypi/Products.PloneHotfix20170117
Recommended action:
Install the https://pypi.python.org/pypi/Products.PloneHotfix20170117 package.
Thank you,
Nathan Van Gheem
Plone Security Team