Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
Typedeb
Namespacedebian
Nametryton-server
Version7.0.47-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4nwz-9kv7-nkat
vulnerability_id VCID-4nwz-9kv7-nkat
summary An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26661
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65568
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26661
1
reference_url https://bugs.tryton.org/issue11219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://bugs.tryton.org/issue11219
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
4
reference_url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
5
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/11219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://foss.heptapod.net/tryton/tryton/-/issues/11219
6
reference_url https://hg.tryton.org/trytond
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hg.tryton.org/trytond
7
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
8
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
9
reference_url https://www.debian.org/security/2022/dsa-5098
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5098
10
reference_url https://www.debian.org/security/2022/dsa-5099
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5099
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26661
reference_id CVE-2022-26661
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26661
12
reference_url https://github.com/advisories/GHSA-cj78-rgw3-4h5p
reference_id GHSA-cj78-rgw3-4h5p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj78-rgw3-4h5p
fixed_packages
0
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.16-1?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.16-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.16-1%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2022-26661, GHSA-cj78-rgw3-4h5p, PYSEC-2022-43170
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4nwz-9kv7-nkat
1
url VCID-77mz-4wnx-93ez
vulnerability_id VCID-77mz-4wnx-93ez
summary Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1241
reference_id
reference_type
scores
0
value 0.00184
scoring_system epss
scoring_elements 0.39906
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1241
1
reference_url https://bugs.tryton.org/issue5795
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
6
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
7
reference_url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
8
reference_url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
10
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
11
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
12
reference_url https://github.com/advisories/GHSA-52j9-v3jc-9xgc
reference_id GHSA-52j9-v3jc-9xgc
reference_type
scores
url https://github.com/advisories/GHSA-52j9-v3jc-9xgc
fixed_packages
0
url pkg:deb/debian/tryton-server@4.0.4-1?distro=trixie
purl pkg:deb/debian/tryton-server@4.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@4.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2016-1241, GHSA-52j9-v3jc-9xgc, PYSEC-2016-12, PYSEC-2016-40
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77mz-4wnx-93ez
2
url VCID-bt9e-28y7-efh3
vulnerability_id VCID-bt9e-28y7-efh3
summary 
trytond allows remote attackers to obtain sensitive trace-back (server setup) information
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66422
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17302
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66422
1
reference_url https://discuss.tryton.org/t/security-release-for-issue-14354/8950
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:24Z/
url https://discuss.tryton.org/t/security-release-for-issue-14354/8950
2
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/14354
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:24Z/
url https://foss.heptapod.net/tryton/tryton/-/issues/14354
3
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121242
reference_id 1121242
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121242
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66422
reference_id CVE-2025-66422
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66422
6
reference_url https://github.com/advisories/GHSA-jqfc-9q34-prhg
reference_id GHSA-jqfc-9q34-prhg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jqfc-9q34-prhg
fixed_packages
0
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.40-1%3Fdistro=trixie
5
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2025-66422, GHSA-jqfc-9q34-prhg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bt9e-28y7-efh3
3
url VCID-frxk-6s38-uqcs
vulnerability_id VCID-frxk-6s38-uqcs
summary trytond 2.4: ModelView.button fails to validate authorization
references
0
reference_url http://hg.tryton.org/2.4/trytond/rev/279f0031b461
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://hg.tryton.org/2.4/trytond/rev/279f0031b461
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2238
reference_id
reference_type
scores
0
value 0.00353
scoring_system epss
scoring_elements 0.57908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2238
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/78435
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/78435
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2019-211.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2019-211.yaml
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://github.com/tryton/trytond/commit/4509595762da0c08fdf182e2bdf952cbbe300667
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/4509595762da0c08fdf182e2bdf952cbbe300667
6
reference_url https://github.com/tryton/trytond/commit/96cd5d58ea82fb746b42dc2ebde9b8f531368d53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/96cd5d58ea82fb746b42dc2ebde9b8f531368d53
7
reference_url https://security-tracker.debian.org/tracker/CVE-2012-2238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2012-2238
8
reference_url https://web.archive.org/web/20200229115241/https://www.securityfocus.com/bid/55503
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229115241/https://www.securityfocus.com/bid/55503
9
reference_url http://www.openwall.com/lists/oss-security/2012/09/11/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/09/11/10
10
reference_url http://www.securityfocus.com/bid/55503
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/55503
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2238
reference_id CVE-2012-2238
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-2238
12
reference_url https://github.com/advisories/GHSA-jfgc-5vh4-8rh5
reference_id GHSA-jfgc-5vh4-8rh5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfgc-5vh4-8rh5
fixed_packages
0
url pkg:deb/debian/tryton-server@0?distro=trixie
purl pkg:deb/debian/tryton-server@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@0%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2012-2238, GHSA-jfgc-5vh4-8rh5, PYSEC-2019-211
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-frxk-6s38-uqcs
4
url VCID-gcmg-p94p-ebes
vulnerability_id VCID-gcmg-p94p-ebes
summary 
trytond does not enforce access rights for the route of the HTML editor.
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66423
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13715
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66423
1
reference_url https://discuss.tryton.org/t/security-release-for-issue-14364/8952
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:32Z/
url https://discuss.tryton.org/t/security-release-for-issue-14364/8952
2
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/14364
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:32Z/
url https://foss.heptapod.net/tryton/tryton/-/issues/14364
3
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121241
reference_id 1121241
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121241
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66423
reference_id CVE-2025-66423
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66423
6
reference_url https://github.com/advisories/GHSA-p3p5-xrmv-4j6x
reference_id GHSA-p3p5-xrmv-4j6x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p3p5-xrmv-4j6x
fixed_packages
0
url pkg:deb/debian/tryton-server@0?distro=trixie
purl pkg:deb/debian/tryton-server@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@0%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.40-1%3Fdistro=trixie
5
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2025-66423, GHSA-p3p5-xrmv-4j6x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcmg-p94p-ebes
5
url VCID-jqyv-wemu-pbdy
vulnerability_id VCID-jqyv-wemu-pbdy
summary The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6633
reference_id
reference_type
scores
0
value 0.01034
scoring_system epss
scoring_elements 0.77664
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6633
1
reference_url https://bugs.tryton.org/issue4155
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue4155
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6633
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6633
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2018-59.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2018-59.yaml
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://github.com/tryton/trytond/commit/19fc2a01357b7638041953326e404f51d96fad06
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/19fc2a01357b7638041953326e404f51d96fad06
6
reference_url https://github.com/tryton/trytond/commit/3e4c2b7e8c7b3358597a0d484fa98f45483ee92a
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/3e4c2b7e8c7b3358597a0d484fa98f45483ee92a
7
reference_url http://www.tryton.org/posts/security-release-for-issue4155.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue4155.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-6633
reference_id CVE-2014-6633
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-6633
9
reference_url https://github.com/advisories/GHSA-m9jj-5qvj-5fhx
reference_id GHSA-m9jj-5qvj-5fhx
reference_type
scores
url https://github.com/advisories/GHSA-m9jj-5qvj-5fhx
fixed_packages
0
url pkg:deb/debian/tryton-server@3.2.3-1?distro=trixie
purl pkg:deb/debian/tryton-server@3.2.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@3.2.3-1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2014-6633, GHSA-m9jj-5qvj-5fhx, PYSEC-2018-59
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqyv-wemu-pbdy
6
url VCID-nkhg-m2cc-vbfm
vulnerability_id VCID-nkhg-m2cc-vbfm
summary file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242.
references
0
reference_url http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0360
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.55055
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0360
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2017-97.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2017-97.yaml
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://github.com/tryton/trytond/commit/30e978593733385db3144f8c583eeb4679575cf0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/30e978593733385db3144f8c583eeb4679575cf0
6
reference_url https://github.com/tryton/trytond/commit/a67a7f03c30277515f530cad5950056171ed5bd1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/a67a7f03c30277515f530cad5950056171ed5bd1
7
reference_url https://lists.debian.org/debian-security-announce/2017/msg00084.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-security-announce/2017/msg00084.html
8
reference_url http://www.debian.org/security/2017/dsa-3826
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3826
9
reference_url http://www.securityfocus.com/bid/97489
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97489
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0360
reference_id CVE-2017-0360
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0360
11
reference_url https://github.com/advisories/GHSA-7cwg-2575-3546
reference_id GHSA-7cwg-2575-3546
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7cwg-2575-3546
fixed_packages
0
url pkg:deb/debian/tryton-server@4.2.1-2?distro=trixie
purl pkg:deb/debian/tryton-server@4.2.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@4.2.1-2%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2017-0360, GHSA-7cwg-2575-3546, PYSEC-2017-97
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkhg-m2cc-vbfm
7
url VCID-rjxp-25u1-9khe
vulnerability_id VCID-rjxp-25u1-9khe
summary file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1242
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.36908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1242
1
reference_url https://bugs.tryton.org/issue5808
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5808
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
6
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
7
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
8
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
reference_id CVE-2016-1242
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
10
reference_url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
reference_id GHSA-jpr7-8rxm-4vgx
reference_type
scores
url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
fixed_packages
0
url pkg:deb/debian/tryton-server@4.0.4-1?distro=trixie
purl pkg:deb/debian/tryton-server@4.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@4.0.4-1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2016-1242, GHSA-jpr7-8rxm-4vgx, PYSEC-2016-13, PYSEC-2016-41
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjxp-25u1-9khe
8
url VCID-ssd6-u3k1-kyh5
vulnerability_id VCID-ssd6-u3k1-kyh5
summary In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10868
reference_id
reference_type
scores
0
value 0.00267
scoring_system epss
scoring_elements 0.50327
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10868
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10868
2
reference_url https://discuss.tryton.org/t/security-release-for-issue8189/1262
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.tryton.org/t/security-release-for-issue8189/1262
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2019-127.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2019-127.yaml
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://hg.tryton.org/trytond/rev/f58bbfe0aefb
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://hg.tryton.org/trytond/rev/f58bbfe0aefb
6
reference_url https://seclists.org/bugtraq/2019/Apr/14
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Apr/14
7
reference_url https://www.debian.org/security/2019/dsa-4426
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4426
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10868
reference_id CVE-2019-10868
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10868
9
reference_url https://github.com/advisories/GHSA-f6f2-pwrj-64h3
reference_id GHSA-f6f2-pwrj-64h3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6f2-pwrj-64h3
fixed_packages
0
url pkg:deb/debian/tryton-server@5.0.4-2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.4-2%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2019-10868, GHSA-f6f2-pwrj-64h3, PYSEC-2019-127
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssd6-u3k1-kyh5
9
url VCID-svxa-7cfb-uyba
vulnerability_id VCID-svxa-7cfb-uyba
summary An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26662
reference_id
reference_type
scores
0
value 0.05585
scoring_system epss
scoring_elements 0.90442
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26662
1
reference_url https://bugs.tryton.org/issue11244
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue11244
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26661
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26662
4
reference_url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
5
reference_url https://hg.tryton.org/trytond
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hg.tryton.org/trytond
6
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00016.html
7
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/03/msg00017.html
8
reference_url https://www.debian.org/security/2022/dsa-5098
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5098
9
reference_url https://www.debian.org/security/2022/dsa-5099
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5099
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26662
reference_id CVE-2022-26662
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26662
11
reference_url https://github.com/advisories/GHSA-pm3h-mm62-pwm8
reference_id GHSA-pm3h-mm62-pwm8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pm3h-mm62-pwm8
fixed_packages
0
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.16-1?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.16-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.16-1%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2022-26662, GHSA-pm3h-mm62-pwm8, PYSEC-2022-43171
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svxa-7cfb-uyba
10
url VCID-xacz-jj4u-gqhu
vulnerability_id VCID-xacz-jj4u-gqhu
summary model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0861
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48595
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0861
1
reference_url https://bugs.tryton.org/issue5167
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0861
3
reference_url https://foss.heptapod.net/tryton/tryton/-/commit/06230c381593c79766c4d8dcc92da3391e3acad2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://foss.heptapod.net/tryton/tryton/-/commit/06230c381593c79766c4d8dcc92da3391e3acad2
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-11.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-11.yaml
5
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
6
reference_url http://www.debian.org/security/2015/dsa-3425
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3425
7
reference_url http://www.tryton.org/posts/security-release-for-issue5167.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5167.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0861
reference_id CVE-2015-0861
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0861
9
reference_url https://github.com/advisories/GHSA-c8q5-2j73-qvcc
reference_id GHSA-c8q5-2j73-qvcc
reference_type
scores
url https://github.com/advisories/GHSA-c8q5-2j73-qvcc
fixed_packages
0
url pkg:deb/debian/tryton-server@3.8.1-1?distro=trixie
purl pkg:deb/debian/tryton-server@3.8.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@3.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2015-0861, GHSA-c8q5-2j73-qvcc, PYSEC-2016-11
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xacz-jj4u-gqhu
11
url VCID-y9yb-zjmq-hfgy
vulnerability_id VCID-y9yb-zjmq-hfgy
summary model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call.
references
0
reference_url http://hg.tryton.org/trytond/rev/8e64d52ecea4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://hg.tryton.org/trytond/rev/8e64d52ecea4
1
reference_url http://news.tryton.org/2012/03/security-releases-for-all-supported.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://news.tryton.org/2012/03/security-releases-for-all-supported.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0215
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.70265
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0215
3
reference_url https://bugs.tryton.org/issue2476
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue2476
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2012-6.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2012-6.yaml
5
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
6
reference_url https://github.com/tryton/trytond/commit/d059ebb792401ded3129cd9402d7392dc34b81e3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/d059ebb792401ded3129cd9402d7392dc34b81e3
7
reference_url https://web.archive.org/web/20121113201043/http://news.tryton.org/2012/03/security-releases-for-all-supported.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121113201043/http://news.tryton.org/2012/03/security-releases-for-all-supported.html
8
reference_url http://www.debian.org/security/2012/dsa-2444
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2444
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-0215
reference_id CVE-2012-0215
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-0215
10
reference_url https://github.com/advisories/GHSA-cqg4-rf29-3mv6
reference_id GHSA-cqg4-rf29-3mv6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cqg4-rf29-3mv6
fixed_packages
0
url pkg:deb/debian/tryton-server@2.2.2-1?distro=trixie
purl pkg:deb/debian/tryton-server@2.2.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@2.2.2-1%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2012-0215, GHSA-cqg4-rf29-3mv6, PYSEC-2012-6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9yb-zjmq-hfgy
12
url VCID-zpha-95r9-ybca
vulnerability_id VCID-zpha-95r9-ybca
summary 
trytond does not enforce access rights for data export
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66424
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11732
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66424
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66424
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66424
2
reference_url https://discuss.tryton.org/t/security-release-for-issue-14366/8953
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:40Z/
url https://discuss.tryton.org/t/security-release-for-issue-14366/8953
3
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/14366
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:40Z/
url https://foss.heptapod.net/tryton/tryton/-/issues/14366
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121243
reference_id 1121243
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121243
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66424
reference_id CVE-2025-66424
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66424
7
reference_url https://github.com/advisories/GHSA-2w93-qwpp-vgvj
reference_id GHSA-2w93-qwpp-vgvj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2w93-qwpp-vgvj
fixed_packages
0
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/tryton-server@5.0.33-2%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@5.0.33-2%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/tryton-server@6.0.29-2%2Bdeb12u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@6.0.29-2%252Bdeb12u4%3Fdistro=trixie
3
url pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.30-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.30-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.40-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.40-1%3Fdistro=trixie
5
url pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
purl pkg:deb/debian/tryton-server@7.0.47-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie
aliases CVE-2025-66424, GHSA-2w93-qwpp-vgvj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpha-95r9-ybca
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/tryton-server@7.0.47-1%3Fdistro=trixie