Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
Typedeb
Namespacedebian
Nameotrs2
Version6.0.18-1
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.19-1
Latest_non_vulnerable_version6.0.32-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-rg2d-x2j3-jycq
vulnerability_id VCID-rg2d-x2j3-jycq
summary An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9892
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.62723
published_at 2026-04-21T12:55:00Z
1
value 0.0045
scoring_system epss
scoring_elements 0.63588
published_at 2026-04-02T12:55:00Z
2
value 0.0045
scoring_system epss
scoring_elements 0.63614
published_at 2026-04-04T12:55:00Z
3
value 0.0045
scoring_system epss
scoring_elements 0.63578
published_at 2026-04-07T12:55:00Z
4
value 0.0045
scoring_system epss
scoring_elements 0.63629
published_at 2026-04-08T12:55:00Z
5
value 0.0045
scoring_system epss
scoring_elements 0.63528
published_at 2026-04-01T12:55:00Z
6
value 0.0045
scoring_system epss
scoring_elements 0.63661
published_at 2026-04-11T12:55:00Z
7
value 0.0045
scoring_system epss
scoring_elements 0.63612
published_at 2026-04-13T12:55:00Z
8
value 0.0045
scoring_system epss
scoring_elements 0.63649
published_at 2026-04-16T12:55:00Z
9
value 0.0045
scoring_system epss
scoring_elements 0.63658
published_at 2026-04-18T12:55:00Z
10
value 0.0045
scoring_system epss
scoring_elements 0.63646
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9892
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2019-9892
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg2d-x2j3-jycq
1
url VCID-vahe-evfr-w7hd
vulnerability_id VCID-vahe-evfr-w7hd
summary An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10066
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.63293
published_at 2026-04-01T12:55:00Z
1
value 0.00444
scoring_system epss
scoring_elements 0.63353
published_at 2026-04-02T12:55:00Z
2
value 0.00444
scoring_system epss
scoring_elements 0.6338
published_at 2026-04-13T12:55:00Z
3
value 0.00444
scoring_system epss
scoring_elements 0.63346
published_at 2026-04-07T12:55:00Z
4
value 0.00444
scoring_system epss
scoring_elements 0.63398
published_at 2026-04-08T12:55:00Z
5
value 0.00444
scoring_system epss
scoring_elements 0.63416
published_at 2026-04-12T12:55:00Z
6
value 0.00444
scoring_system epss
scoring_elements 0.63433
published_at 2026-04-11T12:55:00Z
7
value 0.00444
scoring_system epss
scoring_elements 0.63415
published_at 2026-04-16T12:55:00Z
8
value 0.00444
scoring_system epss
scoring_elements 0.63423
published_at 2026-04-18T12:55:00Z
9
value 0.00444
scoring_system epss
scoring_elements 0.63401
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10066
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2019-10066
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vahe-evfr-w7hd
2
url VCID-wueh-6rd8-zyg8
vulnerability_id VCID-wueh-6rd8-zyg8
summary An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10067
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59384
published_at 2026-04-21T12:55:00Z
1
value 0.00393
scoring_system epss
scoring_elements 0.60224
published_at 2026-04-02T12:55:00Z
2
value 0.00393
scoring_system epss
scoring_elements 0.6025
published_at 2026-04-04T12:55:00Z
3
value 0.00393
scoring_system epss
scoring_elements 0.60217
published_at 2026-04-07T12:55:00Z
4
value 0.00393
scoring_system epss
scoring_elements 0.60266
published_at 2026-04-08T12:55:00Z
5
value 0.00393
scoring_system epss
scoring_elements 0.60281
published_at 2026-04-09T12:55:00Z
6
value 0.00393
scoring_system epss
scoring_elements 0.60148
published_at 2026-04-01T12:55:00Z
7
value 0.00393
scoring_system epss
scoring_elements 0.60288
published_at 2026-04-12T12:55:00Z
8
value 0.00393
scoring_system epss
scoring_elements 0.60269
published_at 2026-04-13T12:55:00Z
9
value 0.00393
scoring_system epss
scoring_elements 0.60309
published_at 2026-04-16T12:55:00Z
10
value 0.00393
scoring_system epss
scoring_elements 0.60316
published_at 2026-04-18T12:55:00Z
11
value 0.00393
scoring_system epss
scoring_elements 0.60302
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10067
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2019-10067
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wueh-6rd8-zyg8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.18-1%3Fdistro=bullseye