8 matches found
CVE-2015-0861
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records...
CVE-2015-0861
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records...
CVE-2015-0861
The CVE-2015-0861 entry affects trytond (models in modelstorage.py) across multiple series (3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, 3.8.x before 3.8.1). The vulnerability allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields by...
Debian DSA-3425-1 : tryton-server - security update
Cedric Krier discovered a vulnerability in the server-side of Tryton, an application framework written in Python. An authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written. The oldstable distribution wheez...
[SECURITY] [DSA 3425-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3425-1 [email protected] https://www.debian.org/security/ Luciano Bello December 17, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3425-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3425-1 [email protected] https://www.debian.org/security/ Luciano Bello December 17, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3425-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3425-1 [email protected] https://www.debian.org/security/ Luciano Bello December 17, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3425-1 (tryton-server - security update)
Cdric Krier discovered a vulnerability in the server-side of Tryton, an application framework written in Python. An authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written. The oldstable distribution wheezy...