Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/289170?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/289170?format=api", "purl": "pkg:deb/debian/otrs2@3.3.9-3", "type": "deb", "namespace": "debian", "name": "otrs2", "version": "3.3.9-3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.0.32-6", "latest_non_vulnerable_version": "6.0.32-6", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97455?format=api", "vulnerability_id": "VCID-118n-pg69-n7fk", "summary": "Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.7079", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70832", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70839", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70822", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00635", "scoring_system": "epss", "scoring_elements": "0.70808", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1771" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-118n-pg69-n7fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97421?format=api", "vulnerability_id": "VCID-17u4-6a9b-vfg7", "summary": "Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76175", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.762", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76202", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76195", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76184", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801", "reference_id": "884801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-17476" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17u4-6a9b-vfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97454?format=api", "vulnerability_id": "VCID-29xd-16y4-cufd", "summary": "Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58424", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58471", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58479", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58457", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1770" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29xd-16y4-cufd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97422?format=api", "vulnerability_id": "VCID-2zbp-7f7d-9yax", "summary": "In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.8051", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80537", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80539", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80536", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01363", "scoring_system": "epss", "scoring_elements": "0.80531", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319", "reference_id": "864319", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-9324" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zbp-7f7d-9yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97431?format=api", "vulnerability_id": "VCID-37a6-9nkd-zfe2", "summary": "Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31355", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31424", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3139", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31352", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3132", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-19143" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37a6-9nkd-zfe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97418?format=api", "vulnerability_id": "VCID-3t8c-btz5-aygz", "summary": "Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0122", "scoring_system": "epss", "scoring_elements": "0.79395", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0122", "scoring_system": "epss", "scoring_elements": "0.79422", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0122", "scoring_system": "epss", "scoring_elements": "0.79426", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0122", "scoring_system": "epss", "scoring_elements": "0.79419", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0122", "scoring_system": "epss", "scoring_elements": "0.79409", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370", "reference_id": "882370", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-16664" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3t8c-btz5-aygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97466?format=api", "vulnerability_id": "VCID-48xy-e43e-3uhq", "summary": "There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53179", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5324", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53248", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5323", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53204", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21441" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48xy-e43e-3uhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97429?format=api", "vulnerability_id": "VCID-4fub-mh26-8kch", "summary": "Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50538", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.506", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50607", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50587", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50557", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19141" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-19141" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fub-mh26-8kch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97453?format=api", "vulnerability_id": "VCID-5aaf-5d97-g3bg", "summary": "In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71566", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.7161", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71617", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71593", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71578", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1769" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5aaf-5d97-g3bg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53948?format=api", "vulnerability_id": "VCID-5jye-2stz-fqam", "summary": "Uncontrolled Resource Consumption\nThe jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package \"jquery-validation\". jquery-validation before version 1.19.3 contains one or more regular expressions that is vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71666", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71704", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.7168", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.72983", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73021", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/pull/2371", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/pull/2371" }, { "reference_url": "https://jqueryvalidation.org/#installation-via-package-managers", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jqueryvalidation.org/#installation-via-package-managers" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210219-0005/" }, { "reference_url": "https://www.npmjs.com/package/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/package/jquery-validation" }, { "reference_url": "https://www.nuget.org/packages/jquery.validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.nuget.org/packages/jquery.validation" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941", "reference_id": "2096941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891", "reference_id": "980891", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892", "reference_id": "980892", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252", "reference_id": "CVE-2021-21252", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21252" }, { "reference_url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "GHSA-jxwx-85vp-gvwm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxwx-85vp-gvwm" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm", "reference_id": "GHSA-jxwx-85vp-gvwm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21252", "GHSA-jxwx-85vp-gvwm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jye-2stz-fqam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97442?format=api", "vulnerability_id": "VCID-6bmk-u1e6-ybav", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent composes an answer to the original article.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71163", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71206", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71212", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71195", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.7118", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-16375" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bmk-u1e6-ybav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97414?format=api", "vulnerability_id": "VCID-6rc9-awnq-sbh3", "summary": "Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4629", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46357", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46359", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46339", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46312", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091", "reference_id": "843091", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515603?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-9139" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rc9-awnq-sbh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97457?format=api", "vulnerability_id": "VCID-7em4-9csm-pfgz", "summary": "An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64667", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64708", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64717", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64706", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64696", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1773" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7em4-9csm-pfgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30634?format=api", "vulnerability_id": "VCID-84eq-cq89-9qhm", "summary": "Modification of Assumed-Immutable Data (MAID)\nPrototype pollution attack through jQuery $.extend", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:1570", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHBA-2019:1570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2587", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3024", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3024" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81677", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81672", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81678", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81646", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11358" }, { "reference_url": "https://backdropcms.org/security/backdrop-sa-core-2019-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://backdropcms.org/security/backdrop-sa-core-2019-009" }, { "reference_url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released" }, { "reference_url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f" }, { "reference_url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829" }, { "reference_url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b" }, { "reference_url": "https://github.com/jquery/jquery/pull/4333", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://github.com/jquery/jquery/pull/4333" }, { "reference_url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc" }, { "reference_url": "https://github.com/maximebf/php-debugbar/issues/447", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/issues/447" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434" }, { "reference_url": "https://hackerone.com/reports/454365", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://hackerone.com/reports/454365" }, { "reference_url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601" }, { "reference_url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/Apr/32" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jun/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/Jun/12" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0001" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006" }, { "reference_url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1" }, { "reference_url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4434", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4434" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4460", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4460" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases" }, { "reference_url": "https://www.drupal.org/sa-core-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.drupal.org/sa-core-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_19", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_19" }, { "reference_url": "https://www.tenable.com/security/tns-2019-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.tenable.com/security/tns-2019-08" }, { "reference_url": "https://www.tenable.com/security/tns-2020-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.tenable.com/security/tns-2020-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/03/2" }, { "reference_url": "http://www.securityfocus.com/bid/108023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "http://www.securityfocus.com/bid/108023" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", "reference_id": "1701972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, { "reference_url": "https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json", "reference_id": "496", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", "reference_id": "4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", "reference_id": "5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466", "reference_id": "927466", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466" }, { "reference_url": "https://security.archlinux.org/ASA-201906-2", "reference_id": "ASA-201906-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-2" }, { "reference_url": "https://security.archlinux.org/AVG-969", "reference_id": "AVG-969", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-969" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "reference_id": "CVE-2019-11358", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml", "reference_id": "CVE-2019-11358.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt", "reference_id": "CVE-2020-7656;CVE-2019-11358", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt" }, { "reference_url": "https://github.com/advisories/GHSA-6c3j-c64m-qhgq", "reference_id": "GHSA-6c3j-c64m-qhgq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6c3j-c64m-qhgq" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", "reference_id": "KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/" }, { "reference_url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", "reference_id": "mitigating-cve-2019-11358-in-old-versions-of-jquery", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190919-0001/", "reference_id": "ntap-20190919-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190919-0001/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", "reference_id": "QV3PKZC3PQCO3273HAT76PAQZFBEO4KP", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1325", "reference_id": "RHSA-2020:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3936", "reference_id": "RHSA-2020:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4670", "reference_id": "RHSA-2020:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5581", "reference_id": "RHSA-2020:5581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4142", "reference_id": "RHSA-2021:4142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7343", "reference_id": "RHSA-2022:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", "reference_id": "RLXRX23725JL366CNZGJZ7AQQB7LHQ6F", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", "reference_id": "WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-11358", "GHSA-6c3j-c64m-qhgq" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84eq-cq89-9qhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97468?format=api", "vulnerability_id": "VCID-8bqn-wqhd-87da", "summary": "Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32368", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32337", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.323", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3227", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-36091" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bqn-wqhd-87da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97456?format=api", "vulnerability_id": "VCID-8wat-51ra-skdf", "summary": "It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63926", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6397", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63977", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63967", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1772" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wat-51ra-skdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97416?format=api", "vulnerability_id": "VCID-931s-zyss-r3ee", "summary": "In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66366", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66406", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66415", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66399", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66385", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515603?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1" } ], "aliases": [ "CVE-2017-15864" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-931s-zyss-r3ee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97444?format=api", "vulnerability_id": "VCID-9fy1-azty-z3f4", "summary": "Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.80308", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.80333", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.80336", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.80332", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01334", "scoring_system": "epss", "scoring_elements": "0.80324", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251", "reference_id": "945251", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-18180" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fy1-azty-z3f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97432?format=api", "vulnerability_id": "VCID-9vxt-vwmf-7qf9", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46034", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46102", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46104", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46083", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46057", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-20800" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9vxt-vwmf-7qf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97436?format=api", "vulnerability_id": "VCID-a1sz-pm39-a7ft", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59655", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59706", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59709", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.597", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59681", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-10067" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a1sz-pm39-a7ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97415?format=api", "vulnerability_id": "VCID-a5xn-yn1g-kbfb", "summary": "In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72937", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72974", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72981", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72964", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72951", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14635" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462", "reference_id": "876462", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-14635" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5xn-yn1g-kbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97458?format=api", "vulnerability_id": "VCID-amad-41hs-1qay", "summary": "When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42294", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42369", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42381", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42354", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.4232", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448", "reference_id": "959448", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1774" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-amad-41hs-1qay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97445?format=api", "vulnerability_id": "VCID-cbw1-dcam-fff1", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61185", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61234", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61241", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61228", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6121", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-9751" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbw1-dcam-fff1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97428?format=api", "vulnerability_id": "VCID-cwy4-f5jk-g7f1", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75034", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75063", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75067", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.7506", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75045", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883" }, { "reference_url": "https://community.otrs.com/category/release-and-security-notes-en/", "reference_id": "release-and-security-notes-en", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/" } ], "url": "https://community.otrs.com/category/release-and-security-notes-en/" }, { "reference_url": "https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/", "reference_id": "security-advisory-2018-06-security-update-for-otrs-framework", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/" } ], "url": "https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-17883" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwy4-f5jk-g7f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97467?format=api", "vulnerability_id": "VCID-dnfd-spvs-9qbb", "summary": "Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44625", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44694", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44702", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4468", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44648", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21443" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnfd-spvs-9qbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97427?format=api", "vulnerability_id": "VCID-e41t-6ufe-4uhg", "summary": "In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65897", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65949", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65961", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65947", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65936", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-16587" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e41t-6ufe-4uhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97437?format=api", "vulnerability_id": "VCID-fxxh-51wc-gbb3", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72412", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72453", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.7246", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.7244", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72427", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12248" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxxh-51wc-gbb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97435?format=api", "vulnerability_id": "VCID-gubp-jzhm-kyh6", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63701", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63743", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.6375", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63742", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.6373", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-10066" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gubp-jzhm-kyh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97419?format=api", "vulnerability_id": "VCID-hq3f-5xvu-nybp", "summary": "In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58287", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58335", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58344", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58334", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58319", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-16854" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hq3f-5xvu-nybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97425?format=api", "vulnerability_id": "VCID-j7u9-2fdf-yfgs", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71102", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71144", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71151", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71133", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71119", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-14593" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7u9-2fdf-yfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51650?format=api", "vulnerability_id": "VCID-jed8-4cv5-6bcr", "summary": "Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML from untrusted sources - even after sanitizing it - to\none of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`,\nand others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround the issue without upgrading, adding the following to\nyour code:\n```js\njQuery.htmlPrefilter = function( html ) {\n return html;\n};\n```\nYou need to use at least jQuery 1.12/2.2 or newer to be able to\napply this workaround.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\nhttps://jquery.com/upgrade-guide/3.5/\n\n### For more information\nIf you have any questions or comments about this advisory, search\nfor a relevant issue in\n[the jQuery repo](https://github.com/jquery/jquery/issues).\n\nIf you don't find an answer, open a new issue.\"", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02456", "scoring_system": "epss", "scoring_elements": "0.85507", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02456", "scoring_system": "epss", "scoring_elements": "0.85522", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02456", "scoring_system": "epss", "scoring_elements": "0.85521", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02456", "scoring_system": "epss", "scoring_elements": "0.85498", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02456", "scoring_system": "epss", "scoring_elements": "0.85527", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11022" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662" }, { "reference_url": "http://security.netapp.com/advisory/ntap-20200511-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.netapp.com/advisory/ntap-20200511-0006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77" }, { "reference_url": "https://github.com/jquery/jquery/releases/tag/3.5.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/releases/tag/3.5.0" }, { "reference_url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2" }, { "reference_url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc" }, { "reference_url": "https://github.com/maximebf/php-debugbar/issues/447", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/maximebf/php-debugbar/issues/447" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jquery.com/upgrade-guide/3.5" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "reference_url": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html" }, { "reference_url": "https://security.gentoo.org/glsa/202007-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "reference_url": "https://www.drupal.org/sa-core-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2020-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-10" }, { "reference_url": "https://www.tenable.com/security/tns-2020-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "reference_url": "https://www.tenable.com/security/tns-2021-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", "reference_id": "1828406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt", "reference_id": "CVE-2020-11022", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "reference_id": "CVE-2020-11022", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml", "reference_id": "CVE-2020-11022.YML", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml" }, { "reference_url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "reference_id": "GHSA-gxr4-xjj5-5px2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2217", "reference_id": "RHSA-2020:2217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2362", "reference_id": "RHSA-2020:2362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2813", "reference_id": "RHSA-2020:2813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3247", "reference_id": "RHSA-2020:3247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3807", "reference_id": "RHSA-2020:3807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3936", "reference_id": "RHSA-2020:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4211", "reference_id": "RHSA-2020:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4670", "reference_id": "RHSA-2020:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5249", "reference_id": "RHSA-2020:5249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0778", "reference_id": "RHSA-2021:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6393", "reference_id": "RHSA-2022:6393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://usn.ubuntu.com/7246-1/", "reference_id": "USN-7246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7246-1/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://usn.ubuntu.com/7658-1/", "reference_id": "USN-7658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-11022", "GHSA-gxr4-xjj5-5px2" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jed8-4cv5-6bcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97451?format=api", "vulnerability_id": "VCID-k6nu-g1bk-dkg7", "summary": "Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68489", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.6853", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68537", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68531", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00555", "scoring_system": "epss", "scoring_elements": "0.68515", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1767" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6nu-g1bk-dkg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97423?format=api", "vulnerability_id": "VCID-kj1x-kn4w-13a1", "summary": "An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.4545", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45519", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45522", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45502", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45477", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-10198" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kj1x-kn4w-13a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97430?format=api", "vulnerability_id": "VCID-n1x5-3apq-yuax", "summary": "Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53049", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5311", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53118", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53099", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53074", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-19142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1x5-3apq-yuax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97446?format=api", "vulnerability_id": "VCID-psbm-u2fr-afgx", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.6953", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.6957", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69578", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69568", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69556", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2019-9752" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psbm-u2fr-afgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97460?format=api", "vulnerability_id": "VCID-qabf-7jqg-b3du", "summary": "When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55867", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55923", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55929", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55916", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55899", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1776" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qabf-7jqg-b3du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97465?format=api", "vulnerability_id": "VCID-qd3v-muyf-tkd7", "summary": "Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39236", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39326", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3933", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39274", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21440" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd3v-muyf-tkd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97443?format=api", "vulnerability_id": "VCID-r7xv-pxng-kfap", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61163", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61212", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61219", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61205", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61188", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251", "reference_id": "945251", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-18179" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7xv-pxng-kfap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97426?format=api", "vulnerability_id": "VCID-s95j-1s4a-83bp", "summary": "In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.6935", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.6939", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69398", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69389", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69377", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-16586" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s95j-1s4a-83bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97424?format=api", "vulnerability_id": "VCID-t86d-v1jx-7kek", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel application.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52447", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53511", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53571", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53579", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53566", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11563" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2018-11563" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t86d-v1jx-7kek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97448?format=api", "vulnerability_id": "VCID-ug4m-ygza-bqct", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.63023", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.63067", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.63075", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.63065", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.63052", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-9892" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ug4m-ygza-bqct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97441?format=api", "vulnerability_id": "VCID-vjgu-685x-pyff", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59502", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59493", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59473", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59912", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59959", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-13458" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjgu-685x-pyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51649?format=api", "vulnerability_id": "VCID-vjrr-h9sh-3bcu", "summary": "Potential XSS vulnerability in jQuery\n## Impact\n\nPassing HTML containing `<option>` elements from untrusted sources - even after\nsanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`,\n`.append()`, and others) may execute untrusted code.\n\n## Workarounds\n\nTo workaround this issue without upgrading, use DOMPurify with its\n`SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a\njQuery method.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html" }, { "reference_url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3466", "scoring_system": "epss", "scoring_elements": "0.97098", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.3466", "scoring_system": "epss", "scoring_elements": "0.97103", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.3466", "scoring_system": "epss", "scoring_elements": "0.97101", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11023" }, { "reference_url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/jquery/jquery", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery" }, { "reference_url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77" }, { "reference_url": "https://github.com/jquery/jquery/releases/tag/3.5.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery/jquery/releases/tag/3.5.0" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979" }, { "reference_url": "https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jquery.com/upgrade-guide/3.5" }, { "reference_url": "https://jquery.com/upgrade-guide/3.5/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://jquery.com/upgrade-guide/3.5/" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B" }, { "reference_url": "https://security.gentoo.org/glsa/202007-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200511-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0003" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4693" }, { "reference_url": "https://www.drupal.org/sa-core-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.drupal.org/sa-core-2020-002" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.tenable.com/security/tns-2021-02" }, { "reference_url": "https://www.tenable.com/security/tns-2021-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", "reference_id": "1850004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/", "reference_id": "AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt", "reference_id": "CVE-2020-11023", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "reference_id": "CVE-2020-11023", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml", "reference_id": "CVE-2020-11023.YML", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml", "reference_id": "CVE-2020-23064.YML", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml" }, { "reference_url": "https://github.com/advisories/GHSA-jpcq-cgw6-v4j6", "reference_id": "GHSA-jpcq-cgw6-v4j6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jpcq-cgw6-v4j6" }, { "reference_url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6", "reference_id": "GHSA-jpcq-cgw6-v4j6", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6" }, { "reference_url": "https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37", "reference_id": "GHSA-jpcq-cgw6-v4j6.json#L20-L37", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200511-0006/", "reference_id": "ntap-20200511-0006", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/", "reference_id": "QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2412", "reference_id": "RHSA-2020:2412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2813", "reference_id": "RHSA-2020:2813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3247", "reference_id": "RHSA-2020:3247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3369", "reference_id": "RHSA-2020:3369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3807", "reference_id": "RHSA-2020:3807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4211", "reference_id": "RHSA-2020:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4298", "reference_id": "RHSA-2020:4298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4847", "reference_id": "RHSA-2020:4847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5249", "reference_id": "RHSA-2020:5249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5412", "reference_id": "RHSA-2020:5412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0778", "reference_id": "RHSA-2021:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0851", "reference_id": "RHSA-2021:0851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0860", "reference_id": "RHSA-2021:0860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1846", "reference_id": "RHSA-2021:1846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4142", "reference_id": "RHSA-2021:4142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6393", "reference_id": "RHSA-2022:6393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7343", "reference_id": "RHSA-2022:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1070", "reference_id": "RHSA-2025:1070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1185", "reference_id": "RHSA-2025:1185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1209", "reference_id": "RHSA-2025:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1210", "reference_id": "RHSA-2025:1210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1211", "reference_id": "RHSA-2025:1211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1212", "reference_id": "RHSA-2025:1212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1213", "reference_id": "RHSA-2025:1213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1214", "reference_id": "RHSA-2025:1214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1215", "reference_id": "RHSA-2025:1215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1216", "reference_id": "RHSA-2025:1216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1217", "reference_id": "RHSA-2025:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1247", "reference_id": "RHSA-2025:1247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1255", "reference_id": "RHSA-2025:1255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1256", "reference_id": "RHSA-2025:1256", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1256" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1300", "reference_id": "RHSA-2025:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1301", "reference_id": "RHSA-2025:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1303", "reference_id": "RHSA-2025:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1304", "reference_id": "RHSA-2025:1304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1305", "reference_id": "RHSA-2025:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1306", "reference_id": "RHSA-2025:1306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1308", "reference_id": "RHSA-2025:1308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1309", "reference_id": "RHSA-2025:1309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1310", "reference_id": "RHSA-2025:1310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1311", "reference_id": "RHSA-2025:1311", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1311" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1312", "reference_id": "RHSA-2025:1312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1314", "reference_id": "RHSA-2025:1314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1315", "reference_id": "RHSA-2025:1315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1329", "reference_id": "RHSA-2025:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1338", "reference_id": "RHSA-2025:1338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1342", "reference_id": "RHSA-2025:1342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1346", "reference_id": "RHSA-2025:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1514", "reference_id": "RHSA-2025:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1515", "reference_id": "RHSA-2025:1515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1580", "reference_id": "RHSA-2025:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1601", "reference_id": "RHSA-2025:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1983", "reference_id": "RHSA-2025:1983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2426", "reference_id": "RHSA-2025:2426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2426" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/", "reference_id": "SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/", "reference_id": "SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/" }, { "reference_url": "https://usn.ubuntu.com/7246-1/", "reference_id": "USN-7246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7246-1/" }, { "reference_url": "https://usn.ubuntu.com/7622-1/", "reference_id": "USN-7622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7622-1/" }, { "reference_url": "https://usn.ubuntu.com/7658-1/", "reference_id": "USN-7658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7658-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-11023", "GHSA-jpcq-cgw6-v4j6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjrr-h9sh-3bcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97449?format=api", "vulnerability_id": "VCID-x6vz-j7gw-2kbq", "summary": "An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70773", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70816", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70823", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70805", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70792", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1765" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6vz-j7gw-2kbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97464?format=api", "vulnerability_id": "VCID-xjen-uzab-a7cu", "summary": "DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57573", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57625", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57633", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57612", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2021-21439" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjen-uzab-a7cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97438?format=api", "vulnerability_id": "VCID-xy85-n3rw-6uar", "summary": "An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00586", "scoring_system": "epss", "scoring_elements": "0.69466", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.76337", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.7634", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.76332", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.76322", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12497" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xy85-n3rw-6uar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97439?format=api", "vulnerability_id": "VCID-yw3f-yrw5-zuhu", "summary": "An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74816", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74807", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74791", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75047", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00838", "scoring_system": "epss", "scoring_elements": "0.75077", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2019-12746" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yw3f-yrw5-zuhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97420?format=api", "vulnerability_id": "VCID-zjh1-fhd3-mbcb", "summary": "In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33869", "scoring_system": "epss", "scoring_elements": "0.97049", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.33869", "scoring_system": "epss", "scoring_elements": "0.97052", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.33869", "scoring_system": "epss", "scoring_elements": "0.97054", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.33869", "scoring_system": "epss", "scoring_elements": "0.97056", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774", "reference_id": "883774", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt", "reference_id": "CVE-2017-16921", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289171?format=api", "purl": "pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515604?format=api", "purl": "pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516737?format=api", "purl": "pkg:deb/debian/otrs2@6.0.16-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2" } ], "aliases": [ "CVE-2017-16921" ], "risk_score": 0.6, "exploitability": "2.0", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjh1-fhd3-mbcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97450?format=api", "vulnerability_id": "VCID-zvje-yu8a-67eh", "summary": "Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71075", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71117", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71124", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71107", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71093", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/516738?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6" } ], "aliases": [ "CVE-2020-1766" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvje-yu8a-67eh" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97413?format=api", "vulnerability_id": "VCID-ctbe-7zcx-dyhm", "summary": "The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76879", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76912", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.7692", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76897", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9324" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/197150?format=api", "purl": "pkg:deb/debian/otrs2@3.1.7%2Bdfsg1-8%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3bfm-5e9a-jfb8" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-4raf-wqx7-6ud7" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8nd4-utbt-sfdb" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-ctbe-7zcx-dyhm" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-uctg-r8kz-xkdb" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-vnxj-qntn-dqcj" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-x8rn-gegk-hbcb" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zrqg-4qq2-suaj" }, { "vulnerability": "VCID-zvje-yu8a-67eh" }, { "vulnerability": "VCID-zyxc-fh2s-tfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.1.7%252Bdfsg1-8%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/289170?format=api", "purl": "pkg:deb/debian/otrs2@3.3.9-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-118n-pg69-n7fk" }, { "vulnerability": "VCID-17u4-6a9b-vfg7" }, { "vulnerability": "VCID-29xd-16y4-cufd" }, { "vulnerability": "VCID-2zbp-7f7d-9yax" }, { "vulnerability": "VCID-37a6-9nkd-zfe2" }, { "vulnerability": "VCID-3t8c-btz5-aygz" }, { "vulnerability": "VCID-48xy-e43e-3uhq" }, { "vulnerability": "VCID-4fub-mh26-8kch" }, { "vulnerability": "VCID-5aaf-5d97-g3bg" }, { "vulnerability": "VCID-5jye-2stz-fqam" }, { "vulnerability": "VCID-6bmk-u1e6-ybav" }, { "vulnerability": "VCID-6rc9-awnq-sbh3" }, { "vulnerability": "VCID-7em4-9csm-pfgz" }, { "vulnerability": "VCID-84eq-cq89-9qhm" }, { "vulnerability": "VCID-8bqn-wqhd-87da" }, { "vulnerability": "VCID-8wat-51ra-skdf" }, { "vulnerability": "VCID-931s-zyss-r3ee" }, { "vulnerability": "VCID-9fy1-azty-z3f4" }, { "vulnerability": "VCID-9vxt-vwmf-7qf9" }, { "vulnerability": "VCID-a1sz-pm39-a7ft" }, { "vulnerability": "VCID-a5xn-yn1g-kbfb" }, { "vulnerability": "VCID-amad-41hs-1qay" }, { "vulnerability": "VCID-cbw1-dcam-fff1" }, { "vulnerability": "VCID-cwy4-f5jk-g7f1" }, { "vulnerability": "VCID-dnfd-spvs-9qbb" }, { "vulnerability": "VCID-e41t-6ufe-4uhg" }, { "vulnerability": "VCID-fxxh-51wc-gbb3" }, { "vulnerability": "VCID-gubp-jzhm-kyh6" }, { "vulnerability": "VCID-hq3f-5xvu-nybp" }, { "vulnerability": "VCID-j7u9-2fdf-yfgs" }, { "vulnerability": "VCID-jed8-4cv5-6bcr" }, { "vulnerability": "VCID-k6nu-g1bk-dkg7" }, { "vulnerability": "VCID-kj1x-kn4w-13a1" }, { "vulnerability": "VCID-n1x5-3apq-yuax" }, { "vulnerability": "VCID-psbm-u2fr-afgx" }, { "vulnerability": "VCID-qabf-7jqg-b3du" }, { "vulnerability": "VCID-qd3v-muyf-tkd7" }, { "vulnerability": "VCID-r7xv-pxng-kfap" }, { "vulnerability": "VCID-s95j-1s4a-83bp" }, { "vulnerability": "VCID-t86d-v1jx-7kek" }, { "vulnerability": "VCID-ug4m-ygza-bqct" }, { "vulnerability": "VCID-vjgu-685x-pyff" }, { "vulnerability": "VCID-vjrr-h9sh-3bcu" }, { "vulnerability": "VCID-x6vz-j7gw-2kbq" }, { "vulnerability": "VCID-xjen-uzab-a7cu" }, { "vulnerability": "VCID-xy85-n3rw-6uar" }, { "vulnerability": "VCID-yw3f-yrw5-zuhu" }, { "vulnerability": "VCID-zjh1-fhd3-mbcb" }, { "vulnerability": "VCID-zvje-yu8a-67eh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.9-3" } ], "aliases": [ "CVE-2014-9324" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ctbe-7zcx-dyhm" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.9-3" }