EUVD-2017-0137

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Remote users can read arbitrary files in Tryton 3.x and 4.x due to incomplete CVE-2016-1242 fix.

Reporter	Title	Published	Views	Family All 28
CNVD	Tryton Arbitrary File Read Vulnerability	24 May 201700:00	–	cnvd
CVE	CVE-2017-0360	4 Apr 201717:00	–	cve
Cvelist	CVE-2017-0360	4 Apr 201717:00	–	cvelist
Debian	[SECURITY] [DLA 882-1] tryton-server security update	4 Apr 201708:24	–	debian
Debian	[SECURITY] [DSA 3826-1] tryton-server security update	4 Apr 201715:36	–	debian
Debian	[SECURITY] [DSA 3826-1] tryton-server security update	4 Apr 201715:36	–	debian
Debian CVE	CVE-2017-0360	4 Apr 201717:00	–	debiancve
Tenable Nessus	Debian DLA-882-1 : tryton-server security update	5 Apr 201700:00	–	nessus
Tenable Nessus	Debian DSA-3826-1 : tryton-server - security update	5 Apr 201700:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2017-0360	25 Aug 202500:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "5b90cf86-30bb-38ca-80cb-ecf68f409039",
        "vendor": {
          "name": "n/a"
        }
      }
    ]
  }
]

Source	Link
lists	www.lists.debian.org/debian-security-announce/2017/msg00084.html
hg	www.hg.tryton.org/trytond
securityfocus	www.securityfocus.com/bid/97489
debian	www.debian.org/security/2017/dsa-3826
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-0360
github	www.github.com/tryton/trytond/commit/30e978593733385db3144f8c583eeb4679575cf0
github	www.github.com/tryton/trytond/commit/a67a7f03c30277515f530cad5950056171ed5bd1
github	www.github.com/pypa/advisory-database/tree/main/vulns/trytond/PYSEC-2017-97.yaml
suse	www.suse.com/security/cve/CVE-2017-0360.html
debian	www.debian.org/security/2017/dsa-3826

07 Oct 2025 00:30Current

5.2Medium risk

Vulners AI Score5.2

CVSS 35.3

CVSS 23.5

EPSS0.00317