Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS1xam1jLXd3bXctY3E5cs4AAe5F

Tryton Directory Traversal vulnerability

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report.

Permalink: https://github.com/advisories/GHSA-qjmc-wwmw-cq9r
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xam1jLXd3bXctY3E5cs4AAe5F
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 2 years ago
Updated: 18 days ago

Identifiers: GHSA-qjmc-wwmw-cq9r, CVE-2013-4510
References:

• https://nvd.nist.gov/vuln/detail/CVE-2013-4510
• https://bugs.tryton.org/issue3446
• http://hg.tryton.org/tryton/rev/357d0a4d9cb8
• http://www.debian.org/security/2013/dsa-2791
• http://www.openwall.com/lists/oss-security/2013/11/04/21
• http://www.tryton.org/posts/security-release-for-issue3446.html
• https://github.com/advisories/GHSA-qjmc-wwmw-cq9r

Blast Radius: 0.0

Affected Packages