Lucene search
GoogleOSV:DSA-3425-1HistoryDec 17, 2015 - 12:00 a.m.
tryton-server - security update
2015-12-1700:00:00
Google
osv.dev
7
0.002 Low
EPSS
Percentile
51.8%
CĂŠdric Krier discovered a vulnerability in the server-side of Tryton, an
application framework written in Python. An authenticated malicious
user can write arbitrary values in record fields due missed checks of
access permissions when multiple records are written.
The oldstable distribution (wheezy) is not affected.
For the stable distribution (jessie), this problem has been fixed in
version 3.4.0-3+deb8u1.
For the unstable distribution (sid), this problem has been fixed in
version 3.8.1-1.
We recommend that you upgrade your tryton-server packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tryton-server | eq | 3.4.0-3 |
References
Related
openvas
openvas
Debian Security Advisory DSA 3425-1 (tryton-server - security update)
2015-12-17 00:00:00
Debian: Security Advisory (DSA-3425-1)
2015-12-16 00:00:00
nessus
nessus
Debian DSA-3425-1 : tryton-server - security update
2015-12-18 00:00:00
cve
cve
CVE-2015-0861
2016-04-13 15:59:00
debian
debian
[SECURITY] [DSA 3425-1] tryton-server security update
2015-12-17 10:20:45
[SECURITY] [DSA 3425-1] tryton-server security update
2015-12-17 10:16:42
[SECURITY] [DSA 3425-1] tryton-server security update
2015-12-17 10:20:45
nvd
nvd
CVE-2015-0861
2016-04-13 15:59:00
github
github
trytond arbitrary fields write via a sequence of records
2022-05-14 01:37:28
osv
osv
PYSEC-2016-11
2016-04-13 15:59:00
prion
prion
Design/Logic Flaw
2016-04-13 15:59:00
cvelist
cvelist
CVE-2015-0861
2016-04-13 15:00:00
ubuntucve
ubuntucve
CVE-2015-0861
2016-04-13 00:00:00
debiancve
debiancve
CVE-2015-0861
2016-04-13 15:59:00