docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
Software | From | Fixed in |
---|---|---|
debian / debian_linux | 3.0 | 3.0.x |
debian / debian_linux | 3.1 | 3.1.x |
zope / zope | 2.6 | 2.6.x |
zope / zope | 2.7.0 | 2.7.8 |
zope / zope | 2.8.0 | 2.8.2 |