Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/trytond@3.4.2
Typepypi
Namespace
Nametrytond
Version3.4.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.0.70
Latest_non_vulnerable_version7.6.11
Affected_by_vulnerabilities
0
url VCID-d2ex-b38e-bbg2
vulnerability_id VCID-d2ex-b38e-bbg2
summary Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1241
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28144
published_at 2026-06-04T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28214
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1241
1
reference_url https://bugs.tryton.org/issue5795
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-12.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-40.yaml
6
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
7
reference_url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/11424d57b7838381745655e2e89470ff9087cd27
8
reference_url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/30d2a6dcaf09340829cd70ee8a15a4941ca7161a
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1241
10
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
11
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
12
reference_url https://github.com/advisories/GHSA-52j9-v3jc-9xgc
reference_id GHSA-52j9-v3jc-9xgc
reference_type
scores
url https://github.com/advisories/GHSA-52j9-v3jc-9xgc
fixed_packages
0
url pkg:pypi/trytond@3.4.14
purl pkg:pypi/trytond@3.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.14
1
url pkg:pypi/trytond@3.6.12
purl pkg:pypi/trytond@3.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.12
2
url pkg:pypi/trytond@3.8.8
purl pkg:pypi/trytond@3.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.8
3
url pkg:pypi/trytond@4.0.4
purl pkg:pypi/trytond@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.0.4
aliases CVE-2016-1241, GHSA-52j9-v3jc-9xgc, PYSEC-2016-12, PYSEC-2016-40
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d2ex-b38e-bbg2
1
url VCID-dn5v-2sp3-5uez
vulnerability_id VCID-dn5v-2sp3-5uez
summary file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1242
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.36887
published_at 2026-06-04T12:55:00Z
1
value 0.00162
scoring_system epss
scoring_elements 0.36979
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1242
1
reference_url https://bugs.tryton.org/issue5808
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5808
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-13.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/tryton/PYSEC-2016-41.yaml
6
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
7
reference_url http://www.debian.org/security/2016/dsa-3656
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3656
8
reference_url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
reference_id CVE-2016-1242
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1242
10
reference_url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
reference_id GHSA-jpr7-8rxm-4vgx
reference_type
scores
url https://github.com/advisories/GHSA-jpr7-8rxm-4vgx
fixed_packages
0
url pkg:pypi/trytond@3.4.14
purl pkg:pypi/trytond@3.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.14
1
url pkg:pypi/trytond@3.6.12
purl pkg:pypi/trytond@3.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.12
2
url pkg:pypi/trytond@3.8.8
purl pkg:pypi/trytond@3.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.8
3
url pkg:pypi/trytond@4.0.4
purl pkg:pypi/trytond@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.0.4
aliases CVE-2016-1242, GHSA-jpr7-8rxm-4vgx, PYSEC-2016-13, PYSEC-2016-41
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn5v-2sp3-5uez
2
url VCID-q985-c71n-9bb9
vulnerability_id VCID-q985-c71n-9bb9
summary 
trytond allows remote attackers to obtain sensitive trace-back (server setup) information
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66422
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17359
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66422
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66422
2
reference_url https://discuss.tryton.org/t/security-release-for-issue-14354/8950
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:24Z/
url https://discuss.tryton.org/t/security-release-for-issue-14354/8950
3
reference_url https://foss.heptapod.net/tryton/tryton/-/issues/14354
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T13:33:24Z/
url https://foss.heptapod.net/tryton/tryton/-/issues/14354
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121242
reference_id 1121242
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121242
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66422
reference_id CVE-2025-66422
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66422
7
reference_url https://github.com/advisories/GHSA-jqfc-9q34-prhg
reference_id GHSA-jqfc-9q34-prhg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jqfc-9q34-prhg
fixed_packages
0
url pkg:pypi/trytond@6.0.70
purl pkg:pypi/trytond@6.0.70
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@6.0.70
1
url pkg:pypi/trytond@7.0.40
purl pkg:pypi/trytond@7.0.40
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@7.0.40
2
url pkg:pypi/trytond@7.4.21
purl pkg:pypi/trytond@7.4.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@7.4.21
3
url pkg:pypi/trytond@7.6.11
purl pkg:pypi/trytond@7.6.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@7.6.11
aliases CVE-2025-66422, GHSA-jqfc-9q34-prhg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q985-c71n-9bb9
3
url VCID-qw4q-qbp7-1fg4
vulnerability_id VCID-qw4q-qbp7-1fg4
summary model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0861
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48678
published_at 2026-06-05T12:55:00Z
1
value 0.00251
scoring_system epss
scoring_elements 0.48615
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0861
1
reference_url https://bugs.tryton.org/issue5167
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.tryton.org/issue5167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0861
3
reference_url https://foss.heptapod.net/tryton/tryton/-/commit/06230c381593c79766c4d8dcc92da3391e3acad2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://foss.heptapod.net/tryton/tryton/-/commit/06230c381593c79766c4d8dcc92da3391e3acad2
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-11.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2016-11.yaml
5
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
6
reference_url http://www.debian.org/security/2015/dsa-3425
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3425
7
reference_url http://www.tryton.org/posts/security-release-for-issue5167.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.tryton.org/posts/security-release-for-issue5167.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0861
reference_id CVE-2015-0861
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0861
9
reference_url https://github.com/advisories/GHSA-c8q5-2j73-qvcc
reference_id GHSA-c8q5-2j73-qvcc
reference_type
scores
url https://github.com/advisories/GHSA-c8q5-2j73-qvcc
fixed_packages
0
url pkg:pypi/trytond@3.4.8
purl pkg:pypi/trytond@3.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
2
vulnerability VCID-q985-c71n-9bb9
3
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.8
1
url pkg:pypi/trytond@3.6.5
purl pkg:pypi/trytond@3.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
2
vulnerability VCID-q985-c71n-9bb9
3
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.5
2
url pkg:pypi/trytond@3.8.1
purl pkg:pypi/trytond@3.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d2ex-b38e-bbg2
1
vulnerability VCID-dn5v-2sp3-5uez
2
vulnerability VCID-q985-c71n-9bb9
3
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.1
aliases CVE-2015-0861, GHSA-c8q5-2j73-qvcc, PYSEC-2016-11
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qw4q-qbp7-1fg4
4
url VCID-ye2t-2sf7-6fd6
vulnerability_id VCID-ye2t-2sf7-6fd6
summary file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242.
references
0
reference_url http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://hg.tryton.org/trytond?cmd=changeset;node=472510fdc6f8
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0360
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.5514
published_at 2026-06-05T12:55:00Z
1
value 0.00317
scoring_system epss
scoring_elements 0.55082
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0360
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2017-97.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2017-97.yaml
4
reference_url https://github.com/tryton/trytond
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond
5
reference_url https://github.com/tryton/trytond/commit/30e978593733385db3144f8c583eeb4679575cf0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/30e978593733385db3144f8c583eeb4679575cf0
6
reference_url https://github.com/tryton/trytond/commit/a67a7f03c30277515f530cad5950056171ed5bd1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/tryton/trytond/commit/a67a7f03c30277515f530cad5950056171ed5bd1
7
reference_url https://lists.debian.org/debian-security-announce/2017/msg00084.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-security-announce/2017/msg00084.html
8
reference_url http://www.debian.org/security/2017/dsa-3826
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3826
9
reference_url http://www.securityfocus.com/bid/97489
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97489
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-0360
reference_id CVE-2017-0360
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-0360
11
reference_url https://github.com/advisories/GHSA-7cwg-2575-3546
reference_id GHSA-7cwg-2575-3546
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7cwg-2575-3546
fixed_packages
0
url pkg:pypi/trytond@3.4.18
purl pkg:pypi/trytond@3.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.18
1
url pkg:pypi/trytond@3.6.17
purl pkg:pypi/trytond@3.6.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.6.17
2
url pkg:pypi/trytond@3.8.15
purl pkg:pypi/trytond@3.8.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.8.15
3
url pkg:pypi/trytond@4.0.10
purl pkg:pypi/trytond@4.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q985-c71n-9bb9
1
vulnerability VCID-ye2t-2sf7-6fd6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.0.10
4
url pkg:pypi/trytond@4.2.3
purl pkg:pypi/trytond@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kjnf-nmzs-c7b5
1
vulnerability VCID-ph7f-mq5z-3kg8
2
vulnerability VCID-q985-c71n-9bb9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/trytond@4.2.3
aliases CVE-2017-0360, GHSA-7cwg-2575-3546, PYSEC-2017-97
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ye2t-2sf7-6fd6
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/trytond@3.4.2