Search for packages
| purl | pkg:pypi/tryton@6.0.16 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4nwz-9kv7-nkat | An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system. |
CVE-2022-26661
GHSA-cj78-rgw3-4h5p PYSEC-2022-43170 |
| VCID-svxa-7cfb-uyba | An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server. |
CVE-2022-26662
GHSA-pm3h-mm62-pwm8 PYSEC-2022-43171 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T09:44:05.342902+00:00 | PyPI Importer | Fixing | VCID-svxa-7cfb-uyba | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-31T09:44:05.127503+00:00 | PyPI Importer | Fixing | VCID-4nwz-9kv7-nkat | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-30T20:30:06.928215+00:00 | Pypa Importer | Fixing | VCID-4nwz-9kv7-nkat | https://github.com/pypa/advisory-database/blob/main/vulns/tryton/PYSEC-2022-43170.yaml | 38.6.0 |
| 2026-05-30T20:30:06.512321+00:00 | Pypa Importer | Fixing | VCID-svxa-7cfb-uyba | https://github.com/pypa/advisory-database/blob/main/vulns/tryton/PYSEC-2022-43171.yaml | 38.6.0 |