6 matches found
trytond-account (>=4.0.2 <=4.2.11), trytond-account-asset (>=4.0.2 <=4.2.3) +99 more potentially affected by CVE-2017-0360 via trytond (>=4.0.20 <=4.2.22)
trytond PYPI version =4.0.20, =4.0.2, =4.0.2, =4.0.2, =4.0.2, =4.0.2, =4.2.0, =4.2.1 and more Source cves: CVE-2017-0360 Source advisory: OSV:PYSEC-2017-97...
CVE-2017-0360
fileopen in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242...
CVE-2017-0360
fileopen in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242...
CVE-2017-0360
CVE-2017-0360 details (details from connected docs) : In Tryton, file_open vulnerability affects 3.x and 4.x up to 4.2.2, allowing remote authenticated users with certain permissions to read arbitrary files by exploiting a “same root name but with a suffix” attack. The issue is noted as stemming ...
[SECURITY] [DSA 3826-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3826-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 04, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3826-1] tryton-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3826-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 04, 2017 https://www.debian.org/security/faq -...