Search for packages
| purl | pkg:pypi/proteus@5.0.8 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4nwz-9kv7-nkat
Aliases: CVE-2022-26661 GHSA-cj78-rgw3-4h5p PYSEC-2022-43170 |
An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-svxa-7cfb-uyba
Aliases: CVE-2022-26662 GHSA-pm3h-mm62-pwm8 PYSEC-2022-43171 |
An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-01T06:32:42.199093+00:00 | GitLab Importer | Affected by | VCID-svxa-7cfb-uyba | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/proteus/CVE-2022-26662.yml | 38.6.0 |
| 2026-06-01T06:32:38.196788+00:00 | GitLab Importer | Affected by | VCID-4nwz-9kv7-nkat | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/proteus/CVE-2022-26661.yml | 38.6.0 |