Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-70-1
HistoryOct 05, 2014 - 12:00 a.m.

tryton-server - security update

2014-10-0500:00:00
Google
osv.dev
7

EPSS

0.003

Percentile

71.3%

JSON

duesenfranz discovered, that safe_eval in trytond could be used to execute
arbitrary commands, mainly via the webdav interface. The patches applied do not
allow double underscores in safe_eval and avoid double evaluation from inherit
with a different model.

For Debian 6 Squeeze, these issues have been fixed in tryton-server version 1.6.1-2+squeeze2

Related

veracode 1
openvas 2
prion 1
github 1
nessus 2
osv 2
cvelist 1
ubuntucve 1
debian 1
debiancve 1
cve 1
nvd 1
veracode
veracode
Arbitrary Code Execution
2018-04-16 03:57:08
openvas
openvas
Debian: Security Advisory (DLA-70-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3043-1)
2023-03-08 00:00:00
prion
prion
Code injection
2018-04-12 15:29:00
github
github
Tryton vulnerable to arbitrary command execution
2022-05-14 03:21:41
nessus
nessus
Debian DLA-70-1 : tryton-server security update
2015-03-26 00:00:00
Debian DSA-3043-1 : tryton-server - security update
2020-03-09 00:00:00
osv
osv
tryton-server - security update
2014-10-04 00:00:00
PYSEC-2018-59
2018-04-12 15:29:00
cvelist
cvelist
CVE-2014-6633
2018-04-12 15:00:00
ubuntucve
ubuntucve
CVE-2014-6633
2018-04-12 00:00:00
debian
debian
[SECURITY] [DLA 70-1] tryton-server security update
2014-10-05 18:33:43
debiancve
debiancve
CVE-2014-6633
2018-04-12 15:29:00
cve
cve
CVE-2014-6633
2018-04-12 15:29:00
nvd
nvd
CVE-2014-6633
2018-04-12 15:29:00

EPSS

0.003

Percentile

71.3%

JSON
Related for OSV:DLA-70-1
veracode1openvas2prion1github1nessus2osv2cvelist1ubuntucve1debian1debiancve1cve1nvd1