VulnerableCode Package Details - pkg:deb/debian/otrs2@2.4.8%2Bdfsg1-1?distro=bullseye

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-35gr-98mg-1yfe	Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CVE-2010-2080
VCID-dbgf-5hx5-y3f4	Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets.	CVE-2010-4765
VCID-wzt8-htew-x3dn	Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service (CPU consumption) via a large message, a different vulnerability than CVE-2010-2080.	CVE-2010-3476

Vulnerability

Summary

Aliases

VCID-35gr-98mg-1yfe

Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVE-2010-2080

VCID-dbgf-5hx5-y3f4

Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets.

CVE-2010-4765

VCID-wzt8-htew-x3dn

Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service (CPU consumption) via a large message, a different vulnerability than CVE-2010-2080.

CVE-2010-3476

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:54:48.012349+00:00	Debian Importer	Fixing	VCID-dbgf-5hx5-y3f4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:42:44.812224+00:00	Debian Importer	Fixing	VCID-wzt8-htew-x3dn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:30:48.575201+00:00	Debian Importer	Fixing	VCID-35gr-98mg-1yfe	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:07:54.979145+00:00	Debian Importer	Fixing	VCID-dbgf-5hx5-y3f4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:27:27.572995+00:00	Debian Importer	Fixing	VCID-wzt8-htew-x3dn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:20:42.078577+00:00	Debian Importer	Fixing	VCID-35gr-98mg-1yfe	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:49:14.466758+00:00	Debian Importer	Fixing	VCID-dbgf-5hx5-y3f4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:14.280071+00:00	Debian Importer	Fixing	VCID-wzt8-htew-x3dn	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:14.259926+00:00	Debian Importer	Fixing	VCID-35gr-98mg-1yfe	https://security-tracker.debian.org/tracker/data/json	38.1.0