Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/otrs2@6.0.20-1?distro=bullseye
Typedeb
Namespacedebian
Nameotrs2
Version6.0.20-1
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.23-1
Latest_non_vulnerable_version6.0.32-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-9aug-utyb-3fbg
vulnerability_id VCID-9aug-utyb-3fbg
summary An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12746
reference_id
reference_type
scores
0
value 0.00838
scoring_system epss
scoring_elements 0.74716
published_at 2026-04-21T12:55:00Z
1
value 0.00838
scoring_system epss
scoring_elements 0.74725
published_at 2026-04-18T12:55:00Z
2
value 0.00838
scoring_system epss
scoring_elements 0.74634
published_at 2026-04-01T12:55:00Z
3
value 0.00838
scoring_system epss
scoring_elements 0.74638
published_at 2026-04-02T12:55:00Z
4
value 0.00838
scoring_system epss
scoring_elements 0.74665
published_at 2026-04-04T12:55:00Z
5
value 0.00838
scoring_system epss
scoring_elements 0.7464
published_at 2026-04-07T12:55:00Z
6
value 0.00838
scoring_system epss
scoring_elements 0.74671
published_at 2026-04-08T12:55:00Z
7
value 0.00838
scoring_system epss
scoring_elements 0.74686
published_at 2026-04-09T12:55:00Z
8
value 0.00838
scoring_system epss
scoring_elements 0.7471
published_at 2026-04-11T12:55:00Z
9
value 0.00838
scoring_system epss
scoring_elements 0.74689
published_at 2026-04-12T12:55:00Z
10
value 0.00838
scoring_system epss
scoring_elements 0.74681
published_at 2026-04-13T12:55:00Z
11
value 0.00838
scoring_system epss
scoring_elements 0.74718
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12746
4
reference_url https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/
reference_id
reference_type
scores
url https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746
6
reference_url https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
8
reference_url https://www.otrs.com/category/release-and-security-notes-en/
reference_id
reference_type
scores
url https://www.otrs.com/category/release-and-security-notes-en/
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12746
reference_id CVE-2019-12746
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-12746
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.20-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.20-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.20-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2019-12746
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9aug-utyb-3fbg
1
url VCID-z2ek-mhha-ubhf
vulnerability_id VCID-z2ek-mhha-ubhf
summary An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13458
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.59633
published_at 2026-04-21T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59643
published_at 2026-04-16T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.5965
published_at 2026-04-18T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.59495
published_at 2026-04-01T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59568
published_at 2026-04-02T12:55:00Z
5
value 0.00383
scoring_system epss
scoring_elements 0.59593
published_at 2026-04-04T12:55:00Z
6
value 0.00383
scoring_system epss
scoring_elements 0.59562
published_at 2026-04-07T12:55:00Z
7
value 0.00383
scoring_system epss
scoring_elements 0.59613
published_at 2026-04-08T12:55:00Z
8
value 0.00383
scoring_system epss
scoring_elements 0.59626
published_at 2026-04-09T12:55:00Z
9
value 0.00383
scoring_system epss
scoring_elements 0.59646
published_at 2026-04-11T12:55:00Z
10
value 0.00383
scoring_system epss
scoring_elements 0.59629
published_at 2026-04-12T12:55:00Z
11
value 0.00383
scoring_system epss
scoring_elements 0.59609
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13458
4
reference_url https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/
reference_id
reference_type
scores
url https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458
6
reference_url https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
8
reference_url https://www.otrs.com/category/release-and-security-notes-en/
reference_id
reference_type
scores
url https://www.otrs.com/category/release-and-security-notes-en/
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-13458
reference_id CVE-2019-13458
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 2.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-13458
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.20-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.20-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.20-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2019-13458
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z2ek-mhha-ubhf
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.20-1%3Fdistro=bullseye