Search for packages
| purl | pkg:deb/debian/otrs2@2.2.6-1?distro=bullseye |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-j31q-dmec-qyg9 | Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain (1) list and (2) write operations on queues, via unspecified vectors. |
CVE-2008-7282
|
| VCID-s1kr-mduu-mqc5 | Open Ticket Request System (OTRS) before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions. |
CVE-2008-7283
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:21:32.656562+00:00 | Debian Importer | Fixing | VCID-j31q-dmec-qyg9 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:58:25.218532+00:00 | Debian Importer | Fixing | VCID-s1kr-mduu-mqc5 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:27:21.558029+00:00 | Debian Importer | Fixing | VCID-j31q-dmec-qyg9 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:01:09.437920+00:00 | Debian Importer | Fixing | VCID-s1kr-mduu-mqc5 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:49:14.155385+00:00 | Debian Importer | Fixing | VCID-s1kr-mduu-mqc5 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:49:14.135054+00:00 | Debian Importer | Fixing | VCID-j31q-dmec-qyg9 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |