Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/otrs2@2.1.1-1?distro=bullseye
Typedeb
Namespacedebian
Nameotrs2
Version2.1.1-1
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.2.5-2
Latest_non_vulnerable_version6.0.32-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-x364-fse4-mfd8
vulnerability_id VCID-x364-fse4-mfd8
summary Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.
references
0
reference_url http://osvdb.org/35821
reference_id
reference_type
scores
url http://osvdb.org/35821
1
reference_url http://osvdb.org/35822
reference_id
reference_type
scores
url http://osvdb.org/35822
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2524
reference_id
reference_type
scores
0
value 0.05656
scoring_system epss
scoring_elements 0.90327
published_at 2026-04-01T12:55:00Z
1
value 0.05656
scoring_system epss
scoring_elements 0.9033
published_at 2026-04-02T12:55:00Z
2
value 0.05656
scoring_system epss
scoring_elements 0.90342
published_at 2026-04-04T12:55:00Z
3
value 0.05656
scoring_system epss
scoring_elements 0.90346
published_at 2026-04-07T12:55:00Z
4
value 0.05656
scoring_system epss
scoring_elements 0.90359
published_at 2026-04-08T12:55:00Z
5
value 0.05656
scoring_system epss
scoring_elements 0.90366
published_at 2026-04-09T12:55:00Z
6
value 0.05802
scoring_system epss
scoring_elements 0.90527
published_at 2026-04-21T12:55:00Z
7
value 0.05802
scoring_system epss
scoring_elements 0.90518
published_at 2026-04-12T12:55:00Z
8
value 0.05802
scoring_system epss
scoring_elements 0.90511
published_at 2026-04-13T12:55:00Z
9
value 0.05802
scoring_system epss
scoring_elements 0.9053
published_at 2026-04-16T12:55:00Z
10
value 0.05802
scoring_system epss
scoring_elements 0.90529
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2524
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2524
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2524
4
reference_url http://secunia.com/advisories/25205
reference_id
reference_type
scores
url http://secunia.com/advisories/25205
5
reference_url http://secunia.com/advisories/25419
reference_id
reference_type
scores
url http://secunia.com/advisories/25419
6
reference_url http://secunia.com/advisories/25787
reference_id
reference_type
scores
url http://secunia.com/advisories/25787
7
reference_url http://securityreason.com/securityalert/2668
reference_id
reference_type
scores
url http://securityreason.com/securityalert/2668
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/34164
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/34164
9
reference_url http://www.debian.org/security/2007/dsa-1298
reference_id
reference_type
scores
url http://www.debian.org/security/2007/dsa-1298
10
reference_url http://www.novell.com/linux/security/advisories/2007_13_sr.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_13_sr.html
11
reference_url http://www.securityfocus.com/archive/1/467870/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/467870/100/0/threaded
12
reference_url http://www.securityfocus.com/archive/1/471192/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/471192/100/0/threaded
13
reference_url http://www.securityfocus.com/bid/23862
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/23862
14
reference_url http://www.virtuax.be/?page=library&id=35&type=Exploits
reference_id
reference_type
scores
url http://www.virtuax.be/?page=library&id=35&type=Exploits
15
reference_url http://www.vupen.com/english/advisories/2007/1698
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/1698
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423524
reference_id 423524
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423524
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-2524
reference_id CVE-2007-2524
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2007-2524
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/29962.txt
reference_id CVE-2007-2524;OSVDB-35821
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/29962.txt
20
reference_url https://www.securityfocus.com/bid/23862/info
reference_id CVE-2007-2524;OSVDB-35821
reference_type exploit
scores
url https://www.securityfocus.com/bid/23862/info
fixed_packages
0
url pkg:deb/debian/otrs2@2.1.1-1?distro=bullseye
purl pkg:deb/debian/otrs2@2.1.1-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.1.1-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2007-2524
risk_score 7.8
exploitability 2.0
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x364-fse4-mfd8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.1.1-1%3Fdistro=bullseye