| Bug | Description |
|---|
| CVE-2024-4367 | A type check was missing when handling fonts in PDF.js, which would al ... |
| CVE-2021-45111 | Improper access control in Odoo Community 15.0 and earlier and Odoo En ... |
| CVE-2021-45071 | Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and O ... |
| CVE-2021-44775 | Cross-site scripting (XSS) issue in Website app of Odoo Community 15.0 ... |
| CVE-2021-44547 | A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 all ... |
| CVE-2021-44476 | A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterpr ... |
| CVE-2021-44465 | Improper access control in Odoo Community 13.0 and earlier and Odoo En ... |
| CVE-2021-44460 | Improper access control in Odoo Community 13.0 and earlier and Odoo En ... |
| CVE-2021-26947 | Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and O ... |
| CVE-2021-26263 | Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 ... |
| CVE-2021-23203 | Improper access control in reporting engine of Odoo Community 14.0 thr ... |
| CVE-2021-23186 | A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterpr ... |
| CVE-2021-23178 | Improper access control in Odoo Community 15.0 and earlier and Odoo En ... |
| CVE-2021-23176 | Improper access control in reporting engine of l10n_fr_fec module in O ... |
| CVE-2021-23166 | A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterpr ... |
| CVE-2020-29396 | A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterp ... |
| CVE-2019-11786 | Improper access control in Odoo Community 13.0 and earlier and Odoo En ... |
| CVE-2019-11785 | Improper access control in mail module (followers) in Odoo Community 1 ... |
| CVE-2019-11784 | Improper access control in mail module (notifications) in Odoo Communi ... |
| CVE-2019-11783 | Improper access control in mail module (channel partners) in Odoo Comm ... |
| CVE-2019-11782 | Improper access control in Odoo Community 14.0 and earlier and Odoo En ... |
| CVE-2019-11781 | Improper input validation in portal component in Odoo Community 12.0 a ... |
| CVE-2019-11780 | Improper access control in the computed fields system of the framework ... |
| CVE-2018-15645 | Improper access control in message routing in Odoo Community 12.0 and ... |
| CVE-2018-15641 | Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 ... |
| CVE-2018-15640 | Improper access control in the Helpdesk App of Odoo Enterprise 10.0 th ... |
| CVE-2018-15638 | Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 ... |
| CVE-2018-15635 | Cross-site scripting vulnerability in the Discuss App of Odoo Communit ... |
| CVE-2018-15634 | Cross-site scripting (XSS) issue in attachment management in Odoo Comm ... |
| CVE-2018-15633 | Cross-site scripting (XSS) issue in "document" module in Odoo Communit ... |
| CVE-2018-15632 | Improper input validation in database creation logic in Odoo Community ... |
| CVE-2018-15631 | Improper access control in the Discuss App of Odoo Community 12.0 and ... |
| CVE-2018-14887 | Improper Host header sanitization in the dbfilter routing component in ... |
| CVE-2018-14886 | The module-description renderer in Odoo Community 11.0 and earlier and ... |
| CVE-2018-14885 | Incorrect access control in the database manager component in Odoo Com ... |
| CVE-2018-14868 | Incorrect access control in the Password Encryption module in Odoo Com ... |
| CVE-2018-14867 | Incorrect access control in the portal messaging system in Odoo Commun ... |
| CVE-2018-14866 | Incorrect access control in the TransientModel framework in Odoo Commu ... |
| CVE-2018-14865 | Report engine in Odoo Community 9.0 through 11.0 and earlier and Odoo ... |
| CVE-2018-14864 | Incorrect access control in asset bundles in Odoo Community 9.0 throug ... |
| CVE-2018-14863 | Incorrect access control in the RPC framework in Odoo Community 8.0 th ... |
| CVE-2018-14862 | Incorrect access control in the mail templating system in Odoo Communi ... |
| CVE-2018-14861 | Improper data access control in Odoo Community 10.0 and 11.0 and Odoo ... |
| CVE-2018-14860 | Improper sanitization of dynamic user expressions in Odoo Community 11 ... |
| CVE-2018-14859 | Incorrect access control in the password reset component in Odoo Commu ... |
| CVE-2018-14733 | The Odoo Community Association (OCA) dbfilter_from_header module makes ... |
| CVE-2017-10805 | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ... |
| CVE-2017-10804 | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ... |
| CVE-2017-10803 | In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ... |
| CVE-2017-9416 | Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, ... |
| CVE-2017-5871 | Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Op ... |