| Release | Version |
|---|---|
| jessie | 3.4.0-3+deb8u3 |
| stretch | 4.2.1-2+deb9u2 |
| buster | 5.0.4-2+deb10u3 |
| bullseye | 5.0.33-2+deb11u2 |
| bookworm | 6.0.29-2+deb12u3 |
| trixie | 6.0.53-1 |
| sid | 7.0.19-7 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| TEMP-0000000-FDAB26 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Transaction cache overrides the current user |
| TEMP-0000000-0477AA | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | get_groups does not always returns the group of the action |
| TEMP-0000000-9BB4B1 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | tryton-server lack of record validation |
| TEMP-0000000-9B1564 | vulnerable | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | tryton zipbomb DoS |
| TEMP-0000000-4F0A4A | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Access to records of report are not checked |
| CVE-2022-26662 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An XML Entity Expansion (XEE) issue was discovered in Tryton Applicati ... |
| CVE-2022-26661 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An XXE issue was discovered in Tryton Application Platform (Server) 5. ... |
| Bug | Description |
|---|---|
| CVE-2019-10868 | In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 befo ... |
| CVE-2017-0360 | file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authentica ... |
| CVE-2016-1242 | file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3 ... |
| CVE-2016-1241 | Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3. ... |
| CVE-2015-0861 | model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4 ... |
| CVE-2014-6633 | The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x befor ... |
| CVE-2012-2238 | trytond 2.4: ModelView.button fails to validate authorization |
| CVE-2012-0215 | model/modelstorage.py in the Tryton application framework (trytond) be ... |
| DSA / DLA | Description |
|---|---|
| DSA-5776-1 | tryton-server - security update |
| DLA-3853-1 | tryton-server - security update |
| DLA-3547-1 | tryton-server - security update |
| DSA-5482-1 | tryton-server - security update |
| DLA-2945-1 | tryton-server - security update |
| DSA-5098-1 | tryton-server - security update |
| DSA-4426-1 | tryton-server - security update |
| DSA-3826-1 | tryton-server - security update |
| DLA-882-1 | tryton-server - security update |
| DLA-607-1 | tryton-server - security update |
| DSA-3656-1 | tryton-server - security update |
| DSA-3425-1 | tryton-server - security update |
| DLA-70-1 | tryton-server - security update |
| DSA-3043-1 | tryton-server - security update |
| DSA-2444-1 | tryton-server - privilege escalation |