Linux Distros Unpatched Vulnerability : CVE-2025-66422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.7...

Linux Distros Unpatched Vulnerability : CVE-2025-66424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70. CVE-2025-66424 Note that...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

trytoncalidae-authentication-dummy (=7.2.0), trytoncalidae-jinja-report (>=7.2.0 <=7.2.1) +211 more potentially affected by CVE-2025-66422 via trytond (=7.2.23)

trytond PYPI version =7.2.23 is affected by a known vulnerability. The following packages have a transitive dependency on trytond and may be impacted: - trytoncalidae-authentication-dummy =7.2.0 - trytoncalidae-jinja-report =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0,...

akademy-classe (>=1.1.0 <=7.0.0), akademy-classe-evaluation (>=1.3.0 <=7.0.0) +5 more potentially affected by CVE-2025-66422 via trytond (=7.0.0)

trytond PYPI version =7.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on trytond and may be impacted: - akademy-classe =1.1.0, =1.3.0, =1.1.0, =1.1.0, =1.0.0, =1.0.0, =1.1.0, =7.0.0 Source cves: CVE-2025-66422 Source advisory:...

akademy-classe (>=1.1.0 <=7.0.0), akademy-classe-evaluation (>=1.3.0 <=7.0.0) +5 more potentially affected by CVE-2025-66424 via trytond (=7.0.0)

trytond PYPI version =7.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on trytond and may be impacted: - akademy-classe =1.1.0, =1.3.0, =1.1.0, =1.1.0, =1.0.0, =1.0.0, =1.1.0, =7.0.0 Source cves: CVE-2025-66424 Source advisory:...

trytoncalidae-authentication-dummy (=7.2.0), trytoncalidae-jinja-report (>=7.2.0 <=7.2.1) +211 more potentially affected by CVE-2025-66424 via trytond (=7.2.23)

trytond PYPI version =7.2.23 is affected by a known vulnerability. The following packages have a transitive dependency on trytond and may be impacted: - trytoncalidae-authentication-dummy =7.2.0 - trytoncalidae-jinja-report =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0,...

akademy-classe (>=1.1.0 <=7.0.0), akademy-classe-evaluation (>=1.3.0 <=7.0.0) +5 more potentially affected by CVE-2025-66424 via trytond (=7.0.0)

trytond PYPI version =7.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on trytond and may be impacted: - akademy-classe =1.1.0, =1.3.0, =1.1.0, =1.1.0, =1.0.0, =1.0.0, =1.1.0, =7.0.0 Source cves: CVE-2025-66424 Source advisory: OSV:GHSA-2W93-QWPP-VGV...

GHSA-P3P5-XRMV-4J6X trytond does not enforce access rights for the route of the HTML editor.

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

a4t-sale-discount (=5.0.2), kalenis-lims (>=4.8.0 <=5.0.0) +260 more potentially affected by CVE-2025-66422 via trytond (>=4.0.20 <=5.8.16)

trytond PYPI version =4.0.20, =4.8.0, =5.4.0, =5.2.0, =5.2.0, =5.2.0, =5.2.0, =5.2.2, =5.2.0, =5.2.0, =5.2.0, =5.2.2 - m9s-account-invoice-report-filestore =5.2.0 and more Source cves: CVE-2025-66422 Source advisory: OSV:GHSA-JQFC-9Q34-PRHG...

trytond allows remote attackers to obtain sensitive trace-back (server setup) information

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

DEBIAN-CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

GHSA-JFGC-5VH4-8RH5 trytond Incorrect Authorization vulnerability

trytond 2.4: ModelView.button fails to validate authorization...

trytond-account (>=4.0.2 <=4.2.11), trytond-account-asset (>=4.0.2 <=4.2.3) +99 more potentially affected by CVE-2017-0360 via trytond (>=4.0.20 <=4.2.22)

trytond PYPI version =4.0.20, =4.0.2, =4.0.2, =4.0.2, =4.0.2, =4.0.2, =4.2.0, =4.2.1 and more Source cves: CVE-2017-0360 Source advisory: OSV:PYSEC-2017-97...