Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/trytond@6.2.0
Typepypi
Namespace
Nametrytond
Version6.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.2.6
Latest_non_vulnerable_version7.6.11
Affected_by_vulnerabilities
0
url VCID-7ptr-cub3-3yeq
vulnerability_id VCID-7ptr-cub3-3yeq
summary An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26662
reference_id
reference_type
scores
0
value 0.05585
scoring_system epss
scoring_elements 0.90477
published_at 2026-06-05T12:55:00Z
1
value 0.05585
scoring_system epss
scoring_elements 0.90462
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26662
1
reference_url https://bugs.tryton.org/issue11244
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue11244
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
4
reference_url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
5
reference_url https://hg.tryton.org/trytond
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hg.tryton.org/trytond
6
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
7
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
8
reference_url https://www.debian.org/security/2022/dsa-5098
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5098
9
reference_url https://www.debian.org/security/2022/dsa-5099
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5099
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26662
reference_id CVE-2022-26662
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26662
11
reference_url https://github.com/advisories/GHSA-pm3h-mm62-pwm8
reference_id GHSA-pm3h-mm62-pwm8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pm3h-mm62-pwm8
fixed_packages
0
url pkg:pypi/trytond@6.2.6
purl pkg:pypi/trytond@6.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@6.2.6
aliases CVE-2022-26662, GHSA-pm3h-mm62-pwm8, PYSEC-2022-43171
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ptr-cub3-3yeq
1
url VCID-te21-ks2b-dfhy
vulnerability_id VCID-te21-ks2b-dfhy
summary An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26661
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65614
published_at 2026-06-04T12:55:00Z
1
value 0.00484
scoring_system epss
scoring_elements 0.65666
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26661
1
reference_url https://bugs.tryton.org/issue11219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://bugs.tryton.org/issue11219
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
4
reference_url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
5
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/11219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://foss.heptapod.net/tryton/tryton/-/issues/11219
6
reference_url https://hg.tryton.org/trytond
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hg.tryton.org/trytond
7
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
8
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
9
reference_url https://www.debian.org/security/2022/dsa-5098
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5098
10
reference_url https://www.debian.org/security/2022/dsa-5099
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5099
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26661
reference_id CVE-2022-26661
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26661
12
reference_url https://github.com/advisories/GHSA-cj78-rgw3-4h5p
reference_id GHSA-cj78-rgw3-4h5p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj78-rgw3-4h5p
fixed_packages
0
url pkg:pypi/trytond@6.2.6
purl pkg:pypi/trytond@6.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@6.2.6
aliases CVE-2022-26661, GHSA-cj78-rgw3-4h5p, PYSEC-2022-43170
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-te21-ks2b-dfhy
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/trytond@6.2.0