UBUNTU-CVE-2020-29396

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-29396

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-29396.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-29396

Related

CVE-2020-29396

Published

2020-12-22T17:15:00Z

Modified

2025-04-23T15:16:55Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.

References

Affected packages

Ubuntu:22.04:LTS / odoo

Package

Name: odoo
Purl: pkg:deb/ubuntu/odoo@14.0.0+dfsg.3-1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

14.*

14.0.0+dfsg.2-7

14.0.0+dfsg.3-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / odoo

Package

Name: odoo
Purl: pkg:deb/ubuntu/odoo@16.0.0+dfsg.2-3?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

16.*

16.0.0+dfsg.2-2

16.0.0+dfsg.2-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / odoo

Package

Name: odoo
Purl: pkg:deb/ubuntu/odoo@16.0.0+dfsg.2-2?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

16.*

16.0.0+dfsg.1-3

16.0.0+dfsg.2-1.1

16.0.0+dfsg.2-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / odoo

Package

Name: odoo
Purl: pkg:deb/ubuntu/odoo@18.0.0+dfsg-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

16.*

16.0.0+dfsg.2-3

17.*

17.0.0+dfsg3-1

18.*

18.0.0+dfsg-1.1

18.0.0+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}