CVE-2016-1242
Publication date 7 September 2016
Last updated 26 August 2025
Ubuntu priority
Cvss 3 Severity Score
Description
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| tryton-server | 26.04 LTS resolute |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Ignored end of standard support, was needed | |
| 14.04 LTS trusty | Not in release | |
Patch details
| Package | Patch details |
|---|---|
| tryton-server |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
4.4 · Medium
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N