Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/trytond@2.8.9
Typepypi
Namespace
Nametrytond
Version2.8.9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.21
Latest_non_vulnerable_version7.6.11
Affected_by_vulnerabilities
0
url VCID-d2ex-b38e-bbg2
vulnerability_id VCID-d2ex-b38e-bbg2
summary Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.
references
0
reference_url https://bugs.tryton.org/issue5795
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5795
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
3
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
4
reference_url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
5
reference_url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
7
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
8
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
fixed_packages
0
url pkg:pypi/trytond@3.2.17
purl pkg:pypi/trytond@3.2.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.2.17
1
url pkg:pypi/trytond@3.4.14
purl pkg:pypi/trytond@3.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.14
2
url pkg:pypi/trytond@3.6.12
purl pkg:pypi/trytond@3.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.12
3
url pkg:pypi/trytond@3.8.8
purl pkg:pypi/trytond@3.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.8
4
url pkg:pypi/trytond@4.0.4
purl pkg:pypi/trytond@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.0.4
aliases CVE-2016-1241, GHSA-52j9-v3jc-9xgc, PYSEC-2016-12, PYSEC-2016-40
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d2ex-b38e-bbg2
1
url VCID-dn5v-2sp3-5uez
vulnerability_id VCID-dn5v-2sp3-5uez
summary file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
references
0
reference_url https://bugs.tryton.org/issue5808
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5808
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
3
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
4
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
5
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
reference_id CVE-2016-1242
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
7
reference_url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
reference_id GHSA-jpr7-8rxm-4vgx
reference_type
scores
url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
fixed_packages
0
url pkg:pypi/trytond@3.2.17
purl pkg:pypi/trytond@3.2.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.2.17
1
url pkg:pypi/trytond@3.4.14
purl pkg:pypi/trytond@3.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.14
2
url pkg:pypi/trytond@3.6.12
purl pkg:pypi/trytond@3.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.12
3
url pkg:pypi/trytond@3.8.8
purl pkg:pypi/trytond@3.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.8
4
url pkg:pypi/trytond@4.0.4
purl pkg:pypi/trytond@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.0.4
aliases CVE-2016-1242, GHSA-jpr7-8rxm-4vgx, PYSEC-2016-13, PYSEC-2016-41
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn5v-2sp3-5uez
2
url VCID-kf2v-9dsr-6fhg
vulnerability_id VCID-kf2v-9dsr-6fhg
summary The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module.
references
0
reference_url https://bugs.tryton.org/issue4155
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue4155
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2018-59.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2018-59.yaml
2
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
3
reference_url https://github.com/tryton/trytond/commit/19fc2a01357b7638041953326e404f51d96fad06
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/19fc2a01357b7638041953326e404f51d96fad06
4
reference_url https://github.com/tryton/trytond/commit/3e4c2b7e8c7b3358597a0d484fa98f45483ee92a
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/3e4c2b7e8c7b3358597a0d484fa98f45483ee92a
5
reference_url http://www.tryton.org/posts/security-release-for-issue4155.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue4155.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-6633
reference_id CVE-2014-6633
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-6633
7
reference_url https://github.com/advisories/GHSA-m9jj-5qvj-5fhx
reference_id GHSA-m9jj-5qvj-5fhx
reference_type
scores
url https://github.com/advisories/GHSA-m9jj-5qvj-5fhx
fixed_packages
0
url pkg:pypi/trytond@2.8.11
purl pkg:pypi/trytond@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@2.8.11
1
url pkg:pypi/trytond@3.0.7
purl pkg:pypi/trytond@3.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
2
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.0.7
2
url pkg:pypi/trytond@3.2.3
purl pkg:pypi/trytond@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
2
vulnerability VCID-qw4q-qbp7-1fg4
3
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.2.3
aliases CVE-2014-6633, GHSA-m9jj-5qvj-5fhx, PYSEC-2018-59
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kf2v-9dsr-6fhg
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/trytond@2.8.9