Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049144?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "type": "deb", "namespace": "debian", "name": "otrs2", "version": "6.0.32-6", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10584?format=api", "vulnerability_id": "VCID-3s9f-prpy-hbcx", "summary": "Cross-site Scripting\nThe jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:1570", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHBA-2019:1570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2587", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3024", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3024" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.8299", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.82988", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83012", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.8302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83028", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83024", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02362", "scoring_system": "epss", "scoring_elements": "0.84954", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02646", "scoring_system": "epss", "scoring_elements": "0.85754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02646", "scoring_system": "epss", "scoring_elements": "0.85759", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02717", "scoring_system": "epss", "scoring_elements": "0.8586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02717", "scoring_system": "epss", "scoring_elements": "0.85871", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11358" }, { "reference_url": "https://backdropcms.org/security/backdrop-sa-core-2019-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://backdropcms.org/security/backdrop-sa-core-2019-009" }, { "reference_url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released" }, { "reference_url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f" }, { "reference_url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829" }, { "reference_url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b" }, { "reference_url": "https://github.com/jquery/jquery/pull/4333", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://github.com/jquery/jquery/pull/4333" }, { "reference_url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc" }, { "reference_url": "https://github.com/maximebf/php-debugbar/issues/447", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/issues/447" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434" }, { "reference_url": "https://hackerone.com/reports/454365", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://hackerone.com/reports/454365" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601" }, { "reference_url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/Apr/32" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jun/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/Jun/12" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0001" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006" }, { "reference_url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1" }, { "reference_url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4434", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4434" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4460" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases" }, { "reference_url": "https://www.drupal.org/sa-core-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.drupal.org/sa-core-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_19", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_19" }, { "reference_url": "https://www.tenable.com/security/tns-2019-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.tenable.com/security/tns-2019-08" }, { "reference_url": "https://www.tenable.com/security/tns-2020-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.tenable.com/security/tns-2020-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/03/2" }, { "reference_url": "http://www.securityfocus.com/bid/108023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://www.securityfocus.com/bid/108023" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", "reference_id": "1701972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "reference_url": "https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json", "reference_id": "496", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", "reference_id": "4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", "reference_id": "5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466", "reference_id": "927466", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466" }, { "reference_url": "https://security.archlinux.org/ASA-201906-2", "reference_id": "ASA-201906-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-2" }, { "reference_url": "https://security.archlinux.org/AVG-969", "reference_id": "AVG-969", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-969" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "reference_id": "CVE-2019-11358", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml", "reference_id": "CVE-2019-11358.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt", "reference_id": "CVE-2020-7656;CVE-2019-11358", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt" }, { "reference_url": "https://github.com/advisories/GHSA-6c3j-c64m-qhgq", "reference_id": "GHSA-6c3j-c64m-qhgq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6c3j-c64m-qhgq" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", "reference_id": "KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/" }, { "reference_url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", "reference_id": "mitigating-cve-2019-11358-in-old-versions-of-jquery", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0001/", "reference_id": "ntap-20190919-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0001/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", "reference_id": "QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1325", "reference_id": "RHSA-2020:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3936", "reference_id": "RHSA-2020:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4670", "reference_id": "RHSA-2020:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5581", "reference_id": "RHSA-2020:5581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4142", "reference_id": "RHSA-2021:4142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7343", "reference_id": "RHSA-2022:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", "reference_id": "RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", "reference_id": "WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-11358", "GHSA-6c3j-c64m-qhgq" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s9f-prpy-hbcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93943?format=api", "vulnerability_id": "VCID-47tp-xcrf-vkf4", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00558", "scoring_system": "epss", "scoring_elements": "0.68166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68496", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69036", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69105", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69113", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69123", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69132", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69112", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69056", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12497" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47tp-xcrf-vkf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32449?format=api", "vulnerability_id": "VCID-5618-53yg-8qh4", "summary": "Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround the issue without upgrading, adding the following to your code:\n\n```js\njQuery.htmlPrefilter = function( html ) {\n\treturn html;\n};\n```\n\nYou need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\nhttps://jquery.com/upgrade-guide/3.5/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "reference_url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84194", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84198", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84179", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84157", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84155", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03251", "scoring_system": "epss", "scoring_elements": "0.87079", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03251", "scoring_system": "epss", "scoring_elements": "0.87068", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03538", "scoring_system": "epss", "scoring_elements": "0.87688", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03538", "scoring_system": "epss", "scoring_elements": "0.87689", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87846", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11022" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662" }, { "reference_url": "http://security.netapp.com/advisory/ntap-20200511-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.netapp.com/advisory/ntap-20200511-0006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77" }, { "reference_url": "https://github.com/jquery/jquery/releases/tag/3.5.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/releases/tag/3.5.0" }, { "reference_url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2" }, { "reference_url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc" }, { "reference_url": "https://github.com/maximebf/php-debugbar/issues/447", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/issues/447" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jquery.com/upgrade-guide/3.5" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "reference_url": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html" }, { "reference_url": "https://security.gentoo.org/glsa/202007-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200511-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "reference_url": "https://www.drupal.org/sa-core-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "reference_url": "https://www.npmjs.com/advisories/1518", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/advisories/1518" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2020-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-10" }, { "reference_url": "https://www.tenable.com/security/tns-2020-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "reference_url": "https://www.tenable.com/security/tns-2021-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", "reference_id": "1828406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt", "reference_id": "CVE-2020-11022", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2217", "reference_id": "RHSA-2020:2217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2362", "reference_id": "RHSA-2020:2362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2813", "reference_id": "RHSA-2020:2813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3247", "reference_id": "RHSA-2020:3247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3807", "reference_id": "RHSA-2020:3807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3936", "reference_id": "RHSA-2020:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4211", "reference_id": "RHSA-2020:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4670", "reference_id": "RHSA-2020:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5249", "reference_id": "RHSA-2020:5249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0778", "reference_id": "RHSA-2021:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6393", "reference_id": "RHSA-2022:6393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://usn.ubuntu.com/7246-1/", "reference_id": "USN-7246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7246-1/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://usn.ubuntu.com/7658-1/", "reference_id": "USN-7658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-11022", "GHSA-gxr4-xjj5-5px2" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5618-53yg-8qh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94657?format=api", "vulnerability_id": "VCID-57jx-quzh-fubc", "summary": "Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44548", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44628", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44585", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44637", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44639", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44625", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44672", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44603", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21443" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57jx-quzh-fubc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94082?format=api", "vulnerability_id": "VCID-59ez-3fcw-9ke1", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60728", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60801", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60794", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60843", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60859", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6088", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60891", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60895", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60879", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251", "reference_id": "945251", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-18179" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59ez-3fcw-9ke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94411?format=api", "vulnerability_id": "VCID-79tb-zy1a-tqaf", "summary": "When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55638", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55478", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55589", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55614", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55643", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55646", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55655", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55659", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1776" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79tb-zy1a-tqaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94654?format=api", "vulnerability_id": "VCID-9431-8f5f-rfct", "summary": "DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57232", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57337", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57365", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57367", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57382", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57362", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57341", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21439" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9431-8f5f-rfct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93947?format=api", "vulnerability_id": "VCID-9aug-utyb-3fbg", "summary": "An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74716", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74725", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74634", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74638", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.7464", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74671", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74686", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.7471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74689", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74681", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.74718", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12746" }, { "reference_url": "https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://www.otrs.com/category/release-and-security-notes-en/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.otrs.com/category/release-and-security-notes-en/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12746", "reference_id": "CVE-2019-12746", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12746" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12746" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9aug-utyb-3fbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94410?format=api", "vulnerability_id": "VCID-9fth-879g-a3fn", "summary": "When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42367", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42467", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42457", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42487", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.4245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.4242", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42372", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448", "reference_id": "959448", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1774" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fth-879g-a3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36298?format=api", "vulnerability_id": "VCID-a286-32jj-eubk", "summary": "Regular Expression Denial of Service in jquery-validation\nThe GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation.\n\nThe project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service)\n\nThis issue was discovered and reported by GitHub team member @erik-krogh (Erik Krogh Kristensen).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72032", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72047", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72039", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71951", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.7203", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71979", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71998", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/pull/2371", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/pull/2371" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm" }, { "reference_url": "https://jqueryvalidation.org/#installation-via-package-managers", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jqueryvalidation.org/#installation-via-package-managers" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210219-0005/" }, { "reference_url": "https://www.npmjs.com/package/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/package/jquery-validation" }, { "reference_url": "https://www.nuget.org/packages/jquery.validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.nuget.org/packages/jquery.validation" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941", "reference_id": "2096941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891", "reference_id": "980891", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892", "reference_id": "980892", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892" }, { "reference_url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "GHSA-jxwx-85vp-gvwm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21252", "GHSA-jxwx-85vp-gvwm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a286-32jj-eubk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32455?format=api", "vulnerability_id": "VCID-cvxp-ctj9-guej", "summary": "Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "reference_url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.97091", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.9709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.97107", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.97101", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.97105", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.36278", "scoring_system": "epss", "scoring_elements": "0.97106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.36851", "scoring_system": "epss", "scoring_elements": "0.97117", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.36851", "scoring_system": "epss", "scoring_elements": "0.97125", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.42137", "scoring_system": "epss", "scoring_elements": "0.97454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.42137", "scoring_system": "epss", "scoring_elements": "0.9745", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.58921", "scoring_system": "epss", "scoring_elements": "0.98229", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11023" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77" }, { "reference_url": "https://github.com/jquery/jquery/releases/tag/3.5.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/releases/tag/3.5.0" }, { "reference_url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jquery.com/upgrade-guide/3.5" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "reference_url": "https://security.gentoo.org/glsa/202007-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200511-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0003" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "reference_url": "https://www.drupal.org/sa-core-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", "reference_id": "1850004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/", "reference_id": "AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt", "reference_id": "CVE-2020-11023", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml", "reference_id": "CVE-2020-23064.YML", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200511-0006/", "reference_id": "ntap-20200511-0006", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/", "reference_id": "QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2813", "reference_id": "RHSA-2020:2813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3247", "reference_id": "RHSA-2020:3247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3369", "reference_id": "RHSA-2020:3369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3807", "reference_id": "RHSA-2020:3807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4211", "reference_id": "RHSA-2020:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5249", "reference_id": "RHSA-2020:5249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5412", "reference_id": "RHSA-2020:5412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0778", "reference_id": "RHSA-2021:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0851", "reference_id": "RHSA-2021:0851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0860", "reference_id": "RHSA-2021:0860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1846", "reference_id": "RHSA-2021:1846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4142", "reference_id": "RHSA-2021:4142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6393", "reference_id": "RHSA-2022:6393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7343", "reference_id": "RHSA-2022:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1070", "reference_id": "RHSA-2025:1070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1185", "reference_id": "RHSA-2025:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1209", "reference_id": "RHSA-2025:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1210", "reference_id": "RHSA-2025:1210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1211", "reference_id": "RHSA-2025:1211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1212", "reference_id": "RHSA-2025:1212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1213", "reference_id": "RHSA-2025:1213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1214", "reference_id": "RHSA-2025:1214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1215", "reference_id": "RHSA-2025:1215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1216", "reference_id": "RHSA-2025:1216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1217", "reference_id": "RHSA-2025:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1247", "reference_id": "RHSA-2025:1247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1255", "reference_id": "RHSA-2025:1255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1256", "reference_id": "RHSA-2025:1256", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1256" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1300", "reference_id": "RHSA-2025:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1301", "reference_id": "RHSA-2025:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1303", "reference_id": "RHSA-2025:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1304", "reference_id": "RHSA-2025:1304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1305", "reference_id": "RHSA-2025:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1306", "reference_id": "RHSA-2025:1306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1308", "reference_id": "RHSA-2025:1308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1309", "reference_id": "RHSA-2025:1309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1310", "reference_id": "RHSA-2025:1310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1311", "reference_id": "RHSA-2025:1311", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1311" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1312", "reference_id": "RHSA-2025:1312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1314", "reference_id": "RHSA-2025:1314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1315", "reference_id": "RHSA-2025:1315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1329", "reference_id": "RHSA-2025:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1338", "reference_id": "RHSA-2025:1338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1342", "reference_id": "RHSA-2025:1342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1346", "reference_id": "RHSA-2025:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1514", "reference_id": "RHSA-2025:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1515", "reference_id": "RHSA-2025:1515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1580", "reference_id": "RHSA-2025:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1601", "reference_id": "RHSA-2025:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1983", "reference_id": "RHSA-2025:1983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2426", "reference_id": "RHSA-2025:2426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2426" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/", "reference_id": "SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/", "reference_id": "SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "reference_url": "https://usn.ubuntu.com/7246-1/", "reference_id": "USN-7246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7246-1/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://usn.ubuntu.com/7658-1/", "reference_id": "USN-7658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cvxp-ctj9-guej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94405?format=api", "vulnerability_id": "VCID-cyn6-w9ue-1fdv", "summary": "In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.712", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71216", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71222", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71121", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.7113", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71147", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71123", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71165", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71177", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71201", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71169", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2020-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-06/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1769", "reference_id": "CVE-2020-1769", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1769" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1769" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyn6-w9ue-1fdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94409?format=api", "vulnerability_id": "VCID-d4t9-s9ws-uugb", "summary": "An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64352", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64351", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64361", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64281", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64344", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64316", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2020-10/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-10/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1773", "reference_id": "CVE-2020-1773", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:N" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1773" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1773" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4t9-s9ws-uugb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94404?format=api", "vulnerability_id": "VCID-enp1-vd1n-ffg9", "summary": "Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68157", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.6817", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68152", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.68987", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69082", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69052", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69097", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69024", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1767" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enp1-vd1n-ffg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94083?format=api", "vulnerability_id": "VCID-h4xp-dgt9-jfhb", "summary": "Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79918", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79934", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79963", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79992", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79996", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.79998", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251", "reference_id": "945251", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-18180" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h4xp-dgt9-jfhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94402?format=api", "vulnerability_id": "VCID-jr2g-4ag6-hqey", "summary": "An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70334", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70351", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70329", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70374", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70389", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70413", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70398", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70383", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70426", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70435", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1765" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jr2g-4ag6-hqey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94408?format=api", "vulnerability_id": "VCID-jv8f-vz24-67c2", "summary": "It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63632", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6364", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63648", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63517", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63577", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63604", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63568", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63636", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63603", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2020-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-09/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1772", "reference_id": "CVE-2020-1772", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1772" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jv8f-vz24-67c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94065?format=api", "vulnerability_id": "VCID-kkx1-64uf-87hf", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent composes an answer to the original article.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70797", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70707", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70721", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70739", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.7076", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70767", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.70812", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16375" }, { "reference_url": "https://community.otrs.com/category/security-advisories-en/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.otrs.com/category/security-advisories-en/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2019-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2019-13/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16375", "reference_id": "CVE-2019-16375", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16375" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-16375" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkx1-64uf-87hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94406?format=api", "vulnerability_id": "VCID-mvf7-hk9h-zfa4", "summary": "Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58159", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58181", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58183", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58125", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58146", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58178", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5817", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5815", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2020-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-07/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1770", "reference_id": "CVE-2020-1770", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "2.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1770" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mvf7-hk9h-zfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94403?format=api", "vulnerability_id": "VCID-n6bx-62mu-nkge", "summary": "Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73469", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73441", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73478", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73495", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73488", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.7353", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73539", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73532", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1766" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n6bx-62mu-nkge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93935?format=api", "vulnerability_id": "VCID-q4vw-md7c-53bs", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71549", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72038", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72062", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72045", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.7203", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72071", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72079", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72063", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72011", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12248" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4vw-md7c-53bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94311?format=api", "vulnerability_id": "VCID-rg2d-x2j3-jycq", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62723", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63588", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63614", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63661", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63612", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63649", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63658", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63646", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-9892" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rg2d-x2j3-jycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94407?format=api", "vulnerability_id": "VCID-sxy7-tjmp-qbh2", "summary": "Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70432", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70452", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70338", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.7035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70367", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70406", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.7043", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70414", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.704", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2020-08/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-08/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1771", "reference_id": "CVE-2020-1771", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1771" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1771" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxy7-tjmp-qbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94305?format=api", "vulnerability_id": "VCID-t2up-pp1r-xkdu", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60898", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60914", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60748", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6085", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60814", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60867", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6091", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9751" }, { "reference_url": "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9751", "reference_id": "CVE-2019-9751", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9751" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-9751" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2up-pp1r-xkdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94655?format=api", "vulnerability_id": "VCID-u3ed-wmjx-9fcq", "summary": "Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.394", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39501", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39556", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39572", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39582", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39544", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39578", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39465", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21440" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3ed-wmjx-9fcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94656?format=api", "vulnerability_id": "VCID-u8xm-v9ek-yuar", "summary": "There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52823", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5285", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52876", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52889", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52939", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52923", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52907", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52951", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52934", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21441" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8xm-v9ek-yuar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94822?format=api", "vulnerability_id": "VCID-ujf1-bbf4-abch", "summary": "Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32741", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32872", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32775", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32803", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32765", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32739", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3278", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32756", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32727", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-36091" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujf1-bbf4-abch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93846?format=api", "vulnerability_id": "VCID-vahe-evfr-w7hd", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63293", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63416", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63423", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63401", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-10066" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vahe-evfr-w7hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93847?format=api", "vulnerability_id": "VCID-wueh-6rd8-zyg8", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59384", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.6025", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60281", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60148", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60269", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60309", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60316", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60302", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-10067" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wueh-6rd8-zyg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93981?format=api", "vulnerability_id": "VCID-z2ek-mhha-ubhf", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59633", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5965", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59495", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59626", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59609", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13458" }, { "reference_url": "https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://www.otrs.com/category/release-and-security-notes-en/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.otrs.com/category/release-and-security-notes-en/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_id": "cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13458", "reference_id": "CVE-2019-13458", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13458" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049144?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-13458" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2ek-mhha-ubhf" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" }