Homepage
About Snyk

trytond@6.2.0 vulnerabilities

Tryton server

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the trytond package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
XML External Entity (XXE) Injection

Affected versions of this package are vulnerable to XML External Entity (XXE) Injection where an authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.

How to fix XML External Entity (XXE) Injection?

Upgrade trytond to version 5.0.46, 6.0.16, 6.2.6 or higher.

[5.0.0,5.0.46) [6.0.0,6.0.16) [6.2.0,6.2.6)
  • H
XML External Entity (XXE) Injection

Affected versions of this package are vulnerable to XML External Entity (XXE) Injection where an unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.

How to fix XML External Entity (XXE) Injection?

Upgrade trytond to version 5.0.46, 6.0.16, 6.2.6 or higher.

[5.0.0,5.0.46) [6.0.0,6.0.16) [6.2.0,6.2.6)
Go back to all versions of this package