Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1xam1jLXd3bXctY3E5cs4AAe5F
Tryton Directory Traversal vulnerability
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report.
Permalink: https://github.com/advisories/GHSA-qjmc-wwmw-cq9rJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xam1jLXd3bXctY3E5cs4AAe5F
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 2 years ago
Updated: 18 days ago
Identifiers: GHSA-qjmc-wwmw-cq9r, CVE-2013-4510
References:
- https://nvd.nist.gov/vuln/detail/CVE-2013-4510
- https://bugs.tryton.org/issue3446
- http://hg.tryton.org/tryton/rev/357d0a4d9cb8
- http://www.debian.org/security/2013/dsa-2791
- http://www.openwall.com/lists/oss-security/2013/11/04/21
- http://www.tryton.org/posts/security-release-for-issue3446.html
- https://github.com/advisories/GHSA-qjmc-wwmw-cq9r
Affected Packages
pypi:trytond
Dependent packages: 298Dependent repositories: 184
Downloads: 37,224 last month
Affected Version Ranges: = 3.0.0
No known fixed version
All affected versions: 3.0.0