CVE-2002-0687
Zope Server vulnerable to DoS via header injection
EPSS 0.60%
Description
Zope is a Web application server for Linux. Zope versions 2.0 through 2.5.1 b1 are vulnerable to a denial of service attack, caused by a vulnerability that occurs when using the "through the Web code" capability. A remote attacker could inject malicious headers into a response to cause the vulnerable system to crash.
How to fix CVE-2002-0687
To remediate CVE-2002-0687, upgrade the affected package to a fixed version below.
- PyPI/zope—upgrade to 2.4.4b2 or later
Is CVE-2002-0687 being exploited?
Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 2.0.0, < 2.4.4b2