trytond 7.6.10 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the trytond package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Incorrect Authorization Affected versions of this package are vulnerable to Incorrect Authorization in the HTML editor route. An attacker can gain unauthorized access to sensitive information and user metadata by sending crafted requests to the affected endpoint. How to fix Incorrect Authorization? Upgrade `trytond` to version 6.0.70, 7.0.40, 7.4.21, 7.6.11 or higher.	[6.0.0,6.0.70)[7.0.0,7.0.40)[7.2.0,7.4.21)[7.6.0,7.6.11)
M Information Exposure Affected versions of this package are vulnerable to Information Exposure through error messages returned by the JSON-RPC API. An attacker can access sensitive trace-back information, including information about the internal network configuration and server setup, by sending malformed JSON-RPC requests to the server. How to fix Information Exposure? Upgrade `trytond` to version 7.6.11 or higher.	[,7.6.11)
H Incorrect Authorization Affected versions of this package are vulnerable to Incorrect Authorization in the `__export_row` function of `modelstorage.py`. An attacker can access sensitive information by exporting data without proper access rights. How to fix Incorrect Authorization? Upgrade `trytond` to version 6.0.70, 7.0.40, 7.4.21, 7.6.11 or higher.	[6.0.0,6.0.70)[7.0.0,7.0.40)[7.2.0,7.4.21)[7.6.0,7.6.11)

Vulnerability

Vulnerable Version

Incorrect Authorization

Affected versions of this package are vulnerable to Incorrect Authorization in the HTML editor route. An attacker can gain unauthorized access to sensitive information and user metadata by sending crafted requests to the affected endpoint.

How to fix Incorrect Authorization?

Upgrade trytond to version 6.0.70, 7.0.40, 7.4.21, 7.6.11 or higher.

[6.0.0,6.0.70)[7.0.0,7.0.40)[7.2.0,7.4.21)[7.6.0,7.6.11)

Information Exposure

Affected versions of this package are vulnerable to Information Exposure through error messages returned by the JSON-RPC API. An attacker can access sensitive trace-back information, including information about the internal network configuration and server setup, by sending malformed JSON-RPC requests to the server.

How to fix Information Exposure?

Upgrade trytond to version 7.6.11 or higher.

[,7.6.11)

Incorrect Authorization

Affected versions of this package are vulnerable to Incorrect Authorization in the __export_row function of modelstorage.py. An attacker can access sensitive information by exporting data without proper access rights.

How to fix Incorrect Authorization?

Upgrade trytond to version 6.0.70, 7.0.40, 7.4.21, 7.6.11 or higher.

[6.0.0,6.0.70)[7.0.0,7.0.40)[7.2.0,7.4.21)[7.6.0,7.6.11)

trytond@7.6.10 vulnerabilities

Tryton server

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically