Tryton Trytond
6 CVEs affecting Tryton Trytond. Latest disclosed: 2025-11-30. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-66423 | High | 7.1 | 2025-11-30 | Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70. |
CVE-2025-66424 | Medium | 6.5 | 2025-11-30 | Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70. |
CVE-2025-66422 | Medium | 4.3 | 2025-11-30 | Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6… |
CVE-2015-0861 | Medium | 4.3 | 2016-04-13 | model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypas… |
CVE-2012-2238 | | 2019-11-21 | trytond 2.4: ModelView.button fails to validate authorization | |
CVE-2012-0215 | | 2012-07-12 | model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the rel… |