{"url":"http://public2.vulnerablecode.io/api/packages/1035579?format=json","purl":"pkg:deb/debian/otrs2@3.3.9-3","type":"deb","namespace":"debian","name":"otrs2","version":"3.3.9-3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.0.32-6","latest_non_vulnerable_version":"6.0.32-6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69126?format=json","vulnerability_id":"VCID-23kg-6hy8-2kfb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14635","reference_id":"","reference_type":"","scores":[{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72638","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72648","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72508","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72515","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72531","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72509","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72547","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72556","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72598","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.726","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72651","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635"},{"reference_url":"https://www.debian.org/security/2017/dsa-4021","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4021"},{"reference_url":"https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462","reference_id":"876462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:3.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14635","reference_id":"CVE-2017-14635","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14635"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-14635"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-23kg-6hy8-2kfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10584?format=json","vulnerability_id":"VCID-3s9f-prpy-hbcx","summary":"Cross-site Scripting\nThe jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"},{"reference_url":"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:1570","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHBA-2019:1570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1456","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2587","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3024","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3024"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11358","reference_id":"","reference_type":"","scores":[{"value":"0.01519","scoring_system":"epss","scoring_elements":"0.8133","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83024","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83028","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.82988","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.8299","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02362","scoring_system":"epss","scoring_elements":"0.84954","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02426","scoring_system":"epss","scoring_elements":"0.85193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02426","scoring_system":"epss","scoring_elements":"0.85196","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02426","scoring_system":"epss","scoring_elements":"0.85188","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02646","scoring_system":"epss","scoring_elements":"0.85754","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02646","scoring_system":"epss","scoring_elements":"0.85759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02717","scoring_system":"epss","scoring_elements":"0.85871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02717","scoring_system":"epss","scoring_elements":"0.8586","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11358"},{"reference_url":"https://backdropcms.org/security/backdrop-sa-core-2019-009","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://backdropcms.org/security/backdrop-sa-core-2019-009"},{"reference_url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released"},{"reference_url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/10","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/10"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/11","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/11"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/13","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/13"},{"reference_url":"https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f"},{"reference_url":"https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829"},{"reference_url":"https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"},{"reference_url":"https://github.com/jquery/jquery/pull/4333","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://github.com/jquery/jquery/pull/4333"},{"reference_url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"},{"reference_url":"https://github.com/maximebf/php-debugbar/issues/447","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/issues/447"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"},{"reference_url":"https://hackerone.com/reports/454365","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://hackerone.com/reports/454365"},{"reference_url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"},{"reference_url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/32","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/Apr/32"},{"reference_url":"https://seclists.org/bugtraq/2019/Jun/12","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/Jun/12"},{"reference_url":"https://seclists.org/bugtraq/2019/May/18","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/May/18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190919-0001","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190919-0001"},{"reference_url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-JQUERY-174006","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://snyk.io/vuln/SNYK-JS-JQUERY-174006"},{"reference_url":"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"},{"reference_url":"https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023"},{"reference_url":"https://www.debian.org/security/2019/dsa-4434","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.debian.org/security/2019/dsa-4434"},{"reference_url":"https://www.debian.org/security/2019/dsa-4460","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.debian.org/security/2019/dsa-4460"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases"},{"reference_url":"https://www.drupal.org/sa-core-2019-006","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.drupal.org/sa-core-2019-006"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_19","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_19"},{"reference_url":"https://www.tenable.com/security/tns-2019-08","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.tenable.com/security/tns-2019-08"},{"reference_url":"https://www.tenable.com/security/tns-2020-02","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.tenable.com/security/tns-2020-02"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/03/2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/06/03/2"},{"reference_url":"http://www.securityfocus.com/bid/108023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://www.securityfocus.com/bid/108023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972","reference_id":"1701972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972"},{"reference_url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json","reference_id":"496","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/","reference_id":"4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/","reference_id":"5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466","reference_id":"927466","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466"},{"reference_url":"https://security.archlinux.org/ASA-201906-2","reference_id":"ASA-201906-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-2"},{"reference_url":"https://security.archlinux.org/AVG-969","reference_id":"AVG-969","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-969"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358","reference_id":"CVE-2019-11358","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml","reference_id":"CVE-2019-11358.YML","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt","reference_id":"CVE-2020-7656;CVE-2019-11358","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt"},{"reference_url":"https://github.com/advisories/GHSA-6c3j-c64m-qhgq","reference_id":"GHSA-6c3j-c64m-qhgq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6c3j-c64m-qhgq"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/","reference_id":"KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"},{"reference_url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/","reference_id":"mitigating-cve-2019-11358-in-old-versions-of-jquery","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190919-0001/","reference_id":"ntap-20190919-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190919-0001/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/","reference_id":"QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1325","reference_id":"RHSA-2020:1325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3936","reference_id":"RHSA-2020:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4670","reference_id":"RHSA-2020:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5581","reference_id":"RHSA-2020:5581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4142","reference_id":"RHSA-2021:4142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7343","reference_id":"RHSA-2022:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/","reference_id":"RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/","reference_id":"WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-11358","GHSA-6c3j-c64m-qhgq"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3s9f-prpy-hbcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93943?format=json","vulnerability_id":"VCID-47tp-xcrf-vkf4","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12497","reference_id":"","reference_type":"","scores":[{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.68166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00569","scoring_system":"epss","scoring_elements":"0.68496","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69036","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69105","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69128","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69113","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69083","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69123","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69132","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69112","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69162","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69158","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69056","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12497"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47tp-xcrf-vkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32449?format=json","vulnerability_id":"VCID-5618-53yg-8qh4","summary":"Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround the issue without upgrading, adding the following to your code:\n\n```js\njQuery.htmlPrefilter = function( html ) {\n\treturn html;\n};\n```\n\nYou need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\nhttps://jquery.com/upgrade-guide/3.5/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"},{"reference_url":"http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11022","reference_id":"","reference_type":"","scores":[{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84157","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84194","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84203","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84185","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84155","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85287","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03251","scoring_system":"epss","scoring_elements":"0.87079","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03251","scoring_system":"epss","scoring_elements":"0.87068","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03538","scoring_system":"epss","scoring_elements":"0.87689","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03538","scoring_system":"epss","scoring_elements":"0.87688","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03633","scoring_system":"epss","scoring_elements":"0.87846","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07042","scoring_system":"epss","scoring_elements":"0.91518","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07042","scoring_system":"epss","scoring_elements":"0.91521","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07042","scoring_system":"epss","scoring_elements":"0.91519","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11022"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662"},{"reference_url":"http://security.netapp.com/advisory/ntap-20200511-0006","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.netapp.com/advisory/ntap-20200511-0006"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"},{"reference_url":"https://github.com/jquery/jquery/releases/tag/3.5.0","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/releases/tag/3.5.0"},{"reference_url":"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"},{"reference_url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"},{"reference_url":"https://github.com/maximebf/php-debugbar/issues/447","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/issues/447"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml"},{"reference_url":"https://jquery.com/upgrade-guide/3.5","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jquery.com/upgrade-guide/3.5"},{"reference_url":"https://jquery.com/upgrade-guide/3.5/","reference_id":"","reference_type":"","scores":[],"url":"https://jquery.com/upgrade-guide/3.5/"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"reference_url":"https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-03","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202007-03"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200511-0006","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200511-0006"},{"reference_url":"https://www.debian.org/security/2020/dsa-4693","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4693"},{"reference_url":"https://www.drupal.org/sa-core-2020-002","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.drupal.org/sa-core-2020-002"},{"reference_url":"https://www.npmjs.com/advisories/1518","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/advisories/1518"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.tenable.com/security/tns-2020-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2020-10"},{"reference_url":"https://www.tenable.com/security/tns-2020-11","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2020-11"},{"reference_url":"https://www.tenable.com/security/tns-2021-02","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2021-02"},{"reference_url":"https://www.tenable.com/security/tns-2021-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2021-10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406","reference_id":"1828406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt","reference_id":"CVE-2020-11022","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2217","reference_id":"RHSA-2020:2217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2362","reference_id":"RHSA-2020:2362","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2813","reference_id":"RHSA-2020:2813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3247","reference_id":"RHSA-2020:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3807","reference_id":"RHSA-2020:3807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3936","reference_id":"RHSA-2020:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4211","reference_id":"RHSA-2020:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4670","reference_id":"RHSA-2020:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5249","reference_id":"RHSA-2020:5249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0778","reference_id":"RHSA-2021:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6393","reference_id":"RHSA-2022:6393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://usn.ubuntu.com/7246-1/","reference_id":"USN-7246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7246-1/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://usn.ubuntu.com/7658-1/","reference_id":"USN-7658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-11022","GHSA-gxr4-xjj5-5px2"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5618-53yg-8qh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94657?format=json","vulnerability_id":"VCID-57jx-quzh-fubc","summary":"Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21443","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44548","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44628","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44648","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44585","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44637","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44639","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44655","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44626","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4468","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44603","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44517","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44317","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21443"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57jx-quzh-fubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94082?format=json","vulnerability_id":"VCID-59ez-3fcw-9ke1","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18179","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60728","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6083","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60794","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60843","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60859","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6088","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60891","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60895","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60873","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60823","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251","reference_id":"945251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-18179"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59ez-3fcw-9ke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74001?format=json","vulnerability_id":"VCID-5f4u-bk7e-fyb8","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16587","reference_id":"","reference_type":"","scores":[{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65516","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65509","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65573","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.6555","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65586","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65599","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65583","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65598","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.6561","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65608","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65584","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-16587"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f4u-bk7e-fyb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94411?format=json","vulnerability_id":"VCID-79tb-zy1a-tqaf","summary":"When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1776","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55504","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55478","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55589","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55592","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55643","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55646","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55655","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55659","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55638","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55566","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55584","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55558","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1776"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79tb-zy1a-tqaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93593?format=json","vulnerability_id":"VCID-7jwd-q7gg-6baf","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17883","reference_id":"","reference_type":"","scores":[{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.7176","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71779","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71803","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71827","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.7181","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.71835","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75805","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75812","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75823","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75832","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75781","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.75767","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883"},{"reference_url":"https://community.otrs.com/category/release-and-security-notes-en/","reference_id":"release-and-security-notes-en","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/"}],"url":"https://community.otrs.com/category/release-and-security-notes-en/"},{"reference_url":"https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/","reference_id":"security-advisory-2018-06-security-update-for-otrs-framework","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/"}],"url":"https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-17883"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7jwd-q7gg-6baf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94654?format=json","vulnerability_id":"VCID-9431-8f5f-rfct","summary":"DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21439","reference_id":"","reference_type":"","scores":[{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57232","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57365","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57367","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57382","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57362","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57341","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57298","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.5732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57301","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57252","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992","reference_id":"989992","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21439"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9431-8f5f-rfct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93947?format=json","vulnerability_id":"VCID-9aug-utyb-3fbg","summary":"An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12746","reference_id":"","reference_type":"","scores":[{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74765","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74634","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74638","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.7464","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74671","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74686","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.7471","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74689","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74681","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74718","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74725","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74716","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.74759","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12746"},{"reference_url":"https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://www.otrs.com/category/release-and-security-notes-en/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/category/release-and-security-notes-en/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12746","reference_id":"CVE-2019-12746","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12746"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9aug-utyb-3fbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94410?format=json","vulnerability_id":"VCID-9fth-879g-a3fn","summary":"When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1774","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42367","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42438","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42467","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42464","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42469","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42444","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42372","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42308","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42222","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42077","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448","reference_id":"959448","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1774"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fth-879g-a3fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93443?format=json","vulnerability_id":"VCID-9v46-tmyq-f7bb","summary":"An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10198","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45166","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45269","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45365","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45421","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45443","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45412","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45413","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45465","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.4546","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.4541","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45323","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.4533","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10198"},{"reference_url":"https://community.otrs.com/security-advisory-2018-01-security-update-for-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2018-01-security-update-for-otrs-framework/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10198","reference_id":"CVE-2018-10198","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10198"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-10198"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9v46-tmyq-f7bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36298?format=json","vulnerability_id":"VCID-a286-32jj-eubk","summary":"Regular Expression Denial of Service in jquery-validation\nThe GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation.\n\nThe project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service)\n\nThis issue was discovered and reported by GitHub team member @erik-krogh (Erik Krogh Kristensen).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21252","reference_id":"","reference_type":"","scores":[{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72069","published_at":"2026-05-05T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72076","published_at":"2026-04-29T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72082","published_at":"2026-04-26T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71951","published_at":"2026-04-01T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.7203","published_at":"2026-04-11T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71955","published_at":"2026-04-07T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71979","published_at":"2026-04-04T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71959","published_at":"2026-04-02T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72075","published_at":"2026-04-24T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.72039","published_at":"2026-04-16T12:55:00Z"},{"value":"0.007","scoring_system":"epss","scoring_elements":"0.71998","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252"},{"reference_url":"https://github.com/jquery-validation/jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/pull/2371","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/pull/2371"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm"},{"reference_url":"https://jqueryvalidation.org/#installation-via-package-managers","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jqueryvalidation.org/#installation-via-package-managers"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21252","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21252"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/","reference_id":"","reference_type":"","scores":[],"url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210219-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210219-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210219-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210219-0005/"},{"reference_url":"https://www.npmjs.com/package/jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/package/jquery-validation"},{"reference_url":"https://www.nuget.org/packages/jquery.validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.nuget.org/packages/jquery.validation"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2096941","reference_id":"2096941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2096941"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891","reference_id":"980891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892","reference_id":"980892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892"},{"reference_url":"https://github.com/advisories/GHSA-jxwx-85vp-gvwm","reference_id":"GHSA-jxwx-85vp-gvwm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxwx-85vp-gvwm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21252","GHSA-jxwx-85vp-gvwm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a286-32jj-eubk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32455?format=json","vulnerability_id":"VCID-cvxp-ctj9-guej","summary":"Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"},{"reference_url":"http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11023","reference_id":"","reference_type":"","scores":[{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.97106","published_at":"2026-04-12T12:55:00Z"},{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.97107","published_at":"2026-04-13T12:55:00Z"},{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.97105","published_at":"2026-04-11T12:55:00Z"},{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.97101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.97091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.36278","scoring_system":"epss","scoring_elements":"0.9709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.36851","scoring_system":"epss","scoring_elements":"0.97125","published_at":"2026-04-02T12:55:00Z"},{"value":"0.36851","scoring_system":"epss","scoring_elements":"0.97117","published_at":"2026-04-01T12:55:00Z"},{"value":"0.42137","scoring_system":"epss","scoring_elements":"0.9745","published_at":"2026-04-16T12:55:00Z"},{"value":"0.42137","scoring_system":"epss","scoring_elements":"0.97454","published_at":"2026-04-18T12:55:00Z"},{"value":"0.44493","scoring_system":"epss","scoring_elements":"0.97586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.5545","scoring_system":"epss","scoring_elements":"0.98081","published_at":"2026-04-26T12:55:00Z"},{"value":"0.58921","scoring_system":"epss","scoring_elements":"0.98229","published_at":"2026-04-21T12:55:00Z"},{"value":"0.58921","scoring_system":"epss","scoring_elements":"0.9823","published_at":"2026-04-24T12:55:00Z"},{"value":"0.66129","scoring_system":"epss","scoring_elements":"0.98531","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11023"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"},{"reference_url":"https://github.com/jquery/jquery/releases/tag/3.5.0","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/releases/tag/3.5.0"},{"reference_url":"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440"},{"reference_url":"https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979"},{"reference_url":"https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml"},{"reference_url":"https://jquery.com/upgrade-guide/3.5","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jquery.com/upgrade-guide/3.5"},{"reference_url":"https://jquery.com/upgrade-guide/3.5/","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://jquery.com/upgrade-guide/3.5/"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"reference_url":"https://security.gentoo.org/glsa/202007-03","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://security.gentoo.org/glsa/202007-03"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200511-0006","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200511-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230725-0003","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230725-0003"},{"reference_url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-JQUERY-565129","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://snyk.io/vuln/SNYK-JS-JQUERY-565129"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023"},{"reference_url":"https://www.debian.org/security/2020/dsa-4693","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.debian.org/security/2020/dsa-4693"},{"reference_url":"https://www.drupal.org/sa-core-2020-002","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.drupal.org/sa-core-2020-002"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.tenable.com/security/tns-2021-02","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.tenable.com/security/tns-2021-02"},{"reference_url":"https://www.tenable.com/security/tns-2021-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.tenable.com/security/tns-2021-10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004","reference_id":"1850004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/","reference_id":"AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt","reference_id":"CVE-2020-11023","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml","reference_id":"CVE-2020-23064.YML","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200511-0006/","reference_id":"ntap-20200511-0006","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200511-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/","reference_id":"QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2813","reference_id":"RHSA-2020:2813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3247","reference_id":"RHSA-2020:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3369","reference_id":"RHSA-2020:3369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3807","reference_id":"RHSA-2020:3807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4211","reference_id":"RHSA-2020:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5249","reference_id":"RHSA-2020:5249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5412","reference_id":"RHSA-2020:5412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0778","reference_id":"RHSA-2021:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0851","reference_id":"RHSA-2021:0851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0860","reference_id":"RHSA-2021:0860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1846","reference_id":"RHSA-2021:1846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4142","reference_id":"RHSA-2021:4142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6393","reference_id":"RHSA-2022:6393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7343","reference_id":"RHSA-2022:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1070","reference_id":"RHSA-2025:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1185","reference_id":"RHSA-2025:1185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1209","reference_id":"RHSA-2025:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1210","reference_id":"RHSA-2025:1210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1211","reference_id":"RHSA-2025:1211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1212","reference_id":"RHSA-2025:1212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1213","reference_id":"RHSA-2025:1213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1214","reference_id":"RHSA-2025:1214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1215","reference_id":"RHSA-2025:1215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1216","reference_id":"RHSA-2025:1216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1217","reference_id":"RHSA-2025:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1247","reference_id":"RHSA-2025:1247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1255","reference_id":"RHSA-2025:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1256","reference_id":"RHSA-2025:1256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1300","reference_id":"RHSA-2025:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1301","reference_id":"RHSA-2025:1301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1301"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1303","reference_id":"RHSA-2025:1303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1304","reference_id":"RHSA-2025:1304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1305","reference_id":"RHSA-2025:1305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1306","reference_id":"RHSA-2025:1306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1308","reference_id":"RHSA-2025:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1309","reference_id":"RHSA-2025:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1310","reference_id":"RHSA-2025:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1311","reference_id":"RHSA-2025:1311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1312","reference_id":"RHSA-2025:1312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1314","reference_id":"RHSA-2025:1314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1315","reference_id":"RHSA-2025:1315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1329","reference_id":"RHSA-2025:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1338","reference_id":"RHSA-2025:1338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1342","reference_id":"RHSA-2025:1342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1346","reference_id":"RHSA-2025:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1514","reference_id":"RHSA-2025:1514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1515","reference_id":"RHSA-2025:1515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1580","reference_id":"RHSA-2025:1580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1601","reference_id":"RHSA-2025:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1983","reference_id":"RHSA-2025:1983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2426","reference_id":"RHSA-2025:2426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2426"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/","reference_id":"SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/","reference_id":"SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"},{"reference_url":"https://usn.ubuntu.com/7246-1/","reference_id":"USN-7246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7246-1/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://usn.ubuntu.com/7658-1/","reference_id":"USN-7658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-11023","GHSA-jpcq-cgw6-v4j6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvxp-ctj9-guej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94405?format=json","vulnerability_id":"VCID-cyn6-w9ue-1fdv","summary":"In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1769","reference_id":"","reference_type":"","scores":[{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71249","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71261","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71264","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71121","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.7113","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71147","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71123","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71165","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71177","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71201","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71169","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71216","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71222","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.712","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71254","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2020-06/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-06/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1769","reference_id":"CVE-2020-1769","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1769"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1769"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyn6-w9ue-1fdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94409?format=json","vulnerability_id":"VCID-d4t9-s9ws-uugb","summary":"An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1773","reference_id":"","reference_type":"","scores":[{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.6436","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64386","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64238","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64296","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64324","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64281","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64329","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64344","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64316","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64361","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64352","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64373","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2020-10/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-10/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1773","reference_id":"CVE-2020-1773","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:N"},{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1773"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1773"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4t9-s9ws-uugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94306?format=json","vulnerability_id":"VCID-e7ak-45qz-cfa9","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9752","reference_id":"","reference_type":"","scores":[{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69223","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69244","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69085","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69194","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69179","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.6915","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.6919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69198","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69178","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69228","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69237","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9752"},{"reference_url":"https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00023.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9752","reference_id":"CVE-2019-9752","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2019-9752"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7ak-45qz-cfa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94404?format=json","vulnerability_id":"VCID-enp1-vd1n-ffg9","summary":"Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1767","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.6817","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68152","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68204","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68208","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68183","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.68987","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69052","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69004","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69055","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69074","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69097","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1767"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enp1-vd1n-ffg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93632?format=json","vulnerability_id":"VCID-ew2x-9cat-v3h1","summary":"Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19142","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52702","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52743","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52769","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52736","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52786","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52831","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52836","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52826","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52778","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52788","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5275","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52694","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19142"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ew2x-9cat-v3h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92994?format=json","vulnerability_id":"VCID-fz8v-murm-1khj","summary":"Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9139","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46126","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46167","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46187","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46134","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46191","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.4619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46194","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46251","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46172","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.4618","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46122","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46024","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091","reference_id":"843091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036969?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1"}],"aliases":["CVE-2016-9139"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz8v-murm-1khj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70430?format=json","vulnerability_id":"VCID-g2j2-tn4a-uqd3","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17476","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75883","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75876","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75732","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75734","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75766","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.7579","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75814","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75795","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75789","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.7583","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75855","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.75864","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476"},{"reference_url":"https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb"},{"reference_url":"https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc"},{"reference_url":"https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00018.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4069","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4069"},{"reference_url":"https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801","reference_id":"884801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17476","reference_id":"CVE-2017-17476","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17476"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-17476"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2j2-tn4a-uqd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94083?format=json","vulnerability_id":"VCID-h4xp-dgt9-jfhb","summary":"Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18180","reference_id":"","reference_type":"","scores":[{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79918","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79925","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79972","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79992","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79968","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79996","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.79998","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80026","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80032","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80048","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80061","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251","reference_id":"945251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-18180"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4xp-dgt9-jfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93631?format=json","vulnerability_id":"VCID-jg6y-p28f-dbd8","summary":"Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19141","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50284","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5034","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50318","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50364","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50413","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50394","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50341","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50302","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50224","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19141"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jg6y-p28f-dbd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94402?format=json","vulnerability_id":"VCID-jr2g-4ag6-hqey","summary":"An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1765","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70334","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70329","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70389","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70413","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70398","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70383","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70426","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70415","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70465","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70474","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70475","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.7045","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1765"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr2g-4ag6-hqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94408?format=json","vulnerability_id":"VCID-jv8f-vz24-67c2","summary":"It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1772","reference_id":"","reference_type":"","scores":[{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63658","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63663","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63517","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63577","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63604","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63568","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.6362","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.6364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63648","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63632","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2020-09/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-09/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1772","reference_id":"CVE-2020-1772","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1772"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1772"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv8f-vz24-67c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94065?format=json","vulnerability_id":"VCID-kkx1-64uf-87hf","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent composes an answer to the original article.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16375","reference_id":"","reference_type":"","scores":[{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.7084","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70707","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70721","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70739","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70716","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.7076","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70776","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70799","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70782","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70812","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70797","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70849","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70859","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16375"},{"reference_url":"https://community.otrs.com/category/security-advisories-en/","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/category/security-advisories-en/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2019-13/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2019-13/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16375","reference_id":"CVE-2019-16375","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16375"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-16375"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkx1-64uf-87hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70356?format=json","vulnerability_id":"VCID-msa1-r3ax-zkeb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16854","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57986","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58009","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5804","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58042","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58038","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58017","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58047","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58046","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58024","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57987","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58003","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4066","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4066"},{"reference_url":"https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16854","reference_id":"CVE-2017-16854","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16854"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16854"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msa1-r3ax-zkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94406?format=json","vulnerability_id":"VCID-mvf7-hk9h-zfa4","summary":"Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1770","reference_id":"","reference_type":"","scores":[{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58084","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58138","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.5804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58125","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58146","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58175","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58178","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.5817","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.5815","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58181","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58159","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2020-07/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-07/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1770","reference_id":"CVE-2020-1770","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1770"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1770"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mvf7-hk9h-zfa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93705?format=json","vulnerability_id":"VCID-n57t-8s1v-xkaw","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20800","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45761","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45862","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45895","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45962","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45965","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45986","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45957","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46017","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46012","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45958","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45909","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4592","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20800"},{"reference_url":"https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20800","reference_id":"CVE-2018-20800","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20800"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-20800"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n57t-8s1v-xkaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94403?format=json","vulnerability_id":"VCID-n6bx-62mu-nkge","summary":"Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1766","reference_id":"","reference_type":"","scores":[{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70752","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73446","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73469","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73478","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73491","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73515","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73495","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7353","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73539","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73532","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73565","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73577","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73575","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73488","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1766"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6bx-62mu-nkge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74000?format=json","vulnerability_id":"VCID-p1rf-q72p-bbg9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16586","reference_id":"","reference_type":"","scores":[{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69039","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68897","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68914","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68983","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69006","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68962","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69003","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69013","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.68993","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69044","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-16586"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1rf-q72p-bbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70227?format=json","vulnerability_id":"VCID-p92a-hwnk-dfg7","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16664","reference_id":"","reference_type":"","scores":[{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79158","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79146","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79017","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79023","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.7905","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.7909","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79092","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.7913","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4047","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4047"},{"reference_url":"https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370","reference_id":"882370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16664","reference_id":"CVE-2017-16664","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16664"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p92a-hwnk-dfg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93935?format=json","vulnerability_id":"VCID-q4vw-md7c-53bs","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12248","reference_id":"","reference_type":"","scores":[{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71549","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.71986","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72062","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72045","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.7203","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72071","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72079","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72063","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72106","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72114","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72107","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.721","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72011","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12248"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4vw-md7c-53bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93479?format=json","vulnerability_id":"VCID-qgs4-4qpa-3kbu","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11563","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.5323","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53243","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53205","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53162","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53705","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53703","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53752","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53735","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53636","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53756","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.5376","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53742","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53657","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53653","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-11563"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgs4-4qpa-3kbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93633?format=json","vulnerability_id":"VCID-qu28-hr3t-kkca","summary":"Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19143","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31992","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31811","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31864","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31856","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31853","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31834","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31806","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31636","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31425","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31276","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19143"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu28-hr3t-kkca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94311?format=json","vulnerability_id":"VCID-rg2d-x2j3-jycq","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9892","reference_id":"","reference_type":"","scores":[{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62723","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62735","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62751","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62703","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63629","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63646","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63661","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63649","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63658","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63588","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63578","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-9892"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rg2d-x2j3-jycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70357?format=json","vulnerability_id":"VCID-s4ps-ebu4-6bh5","summary":"security update","references":[{"reference_url":"http://packetstormsecurity.com/files/162295/OTRS-6.0.1-Remote-Command-Execution.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/162295/OTRS-6.0.1-Remote-Command-Execution.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16921","reference_id":"","reference_type":"","scores":[{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96976","published_at":"2026-04-29T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96928","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96936","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.9694","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96952","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96954","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96965","published_at":"2026-04-16T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96969","published_at":"2026-04-18T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96971","published_at":"2026-04-24T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.96973","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4066","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4066"},{"reference_url":"https://www.exploit-db.com/exploits/43853/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/43853/"},{"reference_url":"https://www.otrs.com/security-advisory-2017-09-security-update-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-09-security-update-otrs-framework/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774","reference_id":"883774","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:4.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:5.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt","reference_id":"CVE-2017-16921","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16921","reference_id":"CVE-2017-16921","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16921"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16921"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4ps-ebu4-6bh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94407?format=json","vulnerability_id":"VCID-sxy7-tjmp-qbh2","summary":"Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1771","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70466","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70483","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70492","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70338","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.7035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70346","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70406","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.7043","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70414","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.704","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70452","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70432","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://otrs.com/release-notes/otrs-security-advisory-2020-08/","reference_id":"","reference_type":"","scores":[],"url":"https://otrs.com/release-notes/otrs-security-advisory-2020-08/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1771","reference_id":"CVE-2020-1771","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1771"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1771"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sxy7-tjmp-qbh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94305?format=json","vulnerability_id":"VCID-t2up-pp1r-xkdu","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9751","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60894","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60748","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6085","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60863","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60879","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.609","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60886","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6091","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60914","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60898","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60902","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9751"},{"reference_url":"https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9751","reference_id":"CVE-2019-9751","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9751"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-9751"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2up-pp1r-xkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94655?format=json","vulnerability_id":"VCID-u3ed-wmjx-9fcq","summary":"Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21440","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.394","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39563","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39501","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39556","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39572","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39582","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39528","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39578","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39549","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39465","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39271","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39174","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39047","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21440"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3ed-wmjx-9fcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94656?format=json","vulnerability_id":"VCID-u8xm-v9ek-yuar","summary":"There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21441","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52823","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.5285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52876","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52844","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52895","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52939","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52923","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52907","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52944","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52951","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52934","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.529","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52911","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52873","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992","reference_id":"989992","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21441"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8xm-v9ek-yuar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94822?format=json","vulnerability_id":"VCID-ujf1-bbf4-abch","summary":"Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36091","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32741","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32872","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32728","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32775","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32802","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32765","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32739","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3278","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32756","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32727","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32576","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3246","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32378","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32241","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-36091"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujf1-bbf4-abch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93153?format=json","vulnerability_id":"VCID-ujjt-5d77-r3ex","summary":"In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15864","reference_id":"","reference_type":"","scores":[{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66049","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.6607","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.65927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.65969","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.65999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.65965","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66016","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66028","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66034","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66039","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66053","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66041","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66072","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4047","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4047"},{"reference_url":"https://www.otrs.com/security-advisory-2017-06-security-update-otrs-3-3/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2017-06-security-update-otrs-3-3/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15864","reference_id":"CVE-2017-15864","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15864"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036969?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1"}],"aliases":["CVE-2017-15864"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujjt-5d77-r3ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93846?format=json","vulnerability_id":"VCID-vahe-evfr-w7hd","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10066","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63293","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63353","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.6338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63346","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63398","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63416","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63433","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63415","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63423","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63401","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63419","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63432","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63427","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.634","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-10066"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vahe-evfr-w7hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85749?format=json","vulnerability_id":"VCID-vgt6-eqab-cua9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9324","reference_id":"","reference_type":"","scores":[{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80126","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80133","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80153","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80141","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.8017","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80177","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80196","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80181","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80173","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80201","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80202","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80204","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80233","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80242","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80257","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80272","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319","reference_id":"864319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035580?format=json","purl":"pkg:deb/debian/otrs2@3.3.18-1%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.18-1%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-9324"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgt6-eqab-cua9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93847?format=json","vulnerability_id":"VCID-wueh-6rd8-zyg8","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10067","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59361","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59381","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59365","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60281","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60302","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60148","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60309","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60316","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60269","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60224","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6025","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60217","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60266","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10067"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-10067"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wueh-6rd8-zyg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93981?format=json","vulnerability_id":"VCID-z2ek-mhha-ubhf","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13458","reference_id":"","reference_type":"","scores":[{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.5957","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59624","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.5961","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59495","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59568","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59593","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59562","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59613","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59626","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59629","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59609","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.5965","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59633","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59603","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13458"},{"reference_url":"https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/","reference_id":"","reference_type":"","scores":[],"url":"https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://www.otrs.com/category/release-and-security-notes-en/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/category/release-and-security-notes-en/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13458","reference_id":"CVE-2019-13458","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049144?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-13458"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2ek-mhha-ubhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73999?format=json","vulnerability_id":"VCID-zhu3-aqgx-j3ba","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14593","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70641","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70652","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70713","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70736","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70719","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70704","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70756","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70734","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70787","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70797","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70796","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.7078","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036970?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1049143?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-14593"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhu3-aqgx-j3ba"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58676?format=json","vulnerability_id":"VCID-h7nm-zq34-fqbs","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0031.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2015-0031.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9324","reference_id":"","reference_type":"","scores":[{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76607","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76474","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.7649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76522","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76534","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.7656","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76575","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76579","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76567","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.766","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76605","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76619","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9324"},{"reference_url":"http://secunia.com/advisories/59875","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59875"},{"reference_url":"http://secunia.com/advisories/62188","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62188"},{"reference_url":"http://secunia.com/advisories/62662","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62662"},{"reference_url":"https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/","reference_id":"","reference_type":"","scores":[],"url":"https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:043","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:043"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:3.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:3.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:otrs:otrs_help_desk:4.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_help_desk:4.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9324","reference_id":"CVE-2014-9324","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9324"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571123?format=json","purl":"pkg:deb/debian/otrs2@3.1.7%2Bdfsg1-8%2Bdeb7u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-95xu-bm4v-hfbj"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cwxd-pja8-g3a2"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-drd1-bnmf-57c9"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-gys4-65yj-xbhg"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-h7nm-zq34-fqbs"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-pmnn-f6z1-gbct"},{"vulnerability":"VCID-puce-kthm-jfa7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-t7ay-kqzz-zbbd"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-vswx-e9p8-1ugn"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.1.7%252Bdfsg1-8%252Bdeb7u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1035579?format=json","purl":"pkg:deb/debian/otrs2@3.3.9-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23kg-6hy8-2kfb"},{"vulnerability":"VCID-3s9f-prpy-hbcx"},{"vulnerability":"VCID-47tp-xcrf-vkf4"},{"vulnerability":"VCID-5618-53yg-8qh4"},{"vulnerability":"VCID-57jx-quzh-fubc"},{"vulnerability":"VCID-59ez-3fcw-9ke1"},{"vulnerability":"VCID-5f4u-bk7e-fyb8"},{"vulnerability":"VCID-79tb-zy1a-tqaf"},{"vulnerability":"VCID-7jwd-q7gg-6baf"},{"vulnerability":"VCID-9431-8f5f-rfct"},{"vulnerability":"VCID-9aug-utyb-3fbg"},{"vulnerability":"VCID-9fth-879g-a3fn"},{"vulnerability":"VCID-9v46-tmyq-f7bb"},{"vulnerability":"VCID-a286-32jj-eubk"},{"vulnerability":"VCID-cvxp-ctj9-guej"},{"vulnerability":"VCID-cyn6-w9ue-1fdv"},{"vulnerability":"VCID-d4t9-s9ws-uugb"},{"vulnerability":"VCID-e7ak-45qz-cfa9"},{"vulnerability":"VCID-enp1-vd1n-ffg9"},{"vulnerability":"VCID-ew2x-9cat-v3h1"},{"vulnerability":"VCID-fz8v-murm-1khj"},{"vulnerability":"VCID-g2j2-tn4a-uqd3"},{"vulnerability":"VCID-h4xp-dgt9-jfhb"},{"vulnerability":"VCID-jg6y-p28f-dbd8"},{"vulnerability":"VCID-jr2g-4ag6-hqey"},{"vulnerability":"VCID-jv8f-vz24-67c2"},{"vulnerability":"VCID-kkx1-64uf-87hf"},{"vulnerability":"VCID-msa1-r3ax-zkeb"},{"vulnerability":"VCID-mvf7-hk9h-zfa4"},{"vulnerability":"VCID-n57t-8s1v-xkaw"},{"vulnerability":"VCID-n6bx-62mu-nkge"},{"vulnerability":"VCID-p1rf-q72p-bbg9"},{"vulnerability":"VCID-p92a-hwnk-dfg7"},{"vulnerability":"VCID-q4vw-md7c-53bs"},{"vulnerability":"VCID-qgs4-4qpa-3kbu"},{"vulnerability":"VCID-qu28-hr3t-kkca"},{"vulnerability":"VCID-rg2d-x2j3-jycq"},{"vulnerability":"VCID-s4ps-ebu4-6bh5"},{"vulnerability":"VCID-sxy7-tjmp-qbh2"},{"vulnerability":"VCID-t2up-pp1r-xkdu"},{"vulnerability":"VCID-u3ed-wmjx-9fcq"},{"vulnerability":"VCID-u8xm-v9ek-yuar"},{"vulnerability":"VCID-ujf1-bbf4-abch"},{"vulnerability":"VCID-ujjt-5d77-r3ex"},{"vulnerability":"VCID-vahe-evfr-w7hd"},{"vulnerability":"VCID-vgt6-eqab-cua9"},{"vulnerability":"VCID-wueh-6rd8-zyg8"},{"vulnerability":"VCID-z2ek-mhha-ubhf"},{"vulnerability":"VCID-zhu3-aqgx-j3ba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.9-3"}],"aliases":["CVE-2014-9324"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7nm-zq34-fqbs"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@3.3.9-3"}