Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before 2.6.3 is used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Odoo产品Psycopg 安全漏洞
Vulnerability Description
Odoo(前称OpenERP)等都是比利时Odoo公司的产品。Odoo是一套企业资源计划(ERP)和客户关系管理(CRM)系统;Odoo Community Edition是它的社区版;Odoo Enterprise Edition是它的企业版。Psycopg是其中的一个PostgreSQL(数据库)适配器。 多款Odoo产品中的Psycopg 2.6.3之前的2.x版本存在安全漏洞,该漏洞源于程序没有正确的处理含有‘0x00’字符串的数据库查询参数。远程攻击者可利用该漏洞绕过身份验证。以下产品和版本受到
CVSS Information
N/A
Vulnerability Type
N/A