{"url":"http://public2.vulnerablecode.io/api/packages/515603?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1","type":"deb","namespace":"debian","name":"otrs2","version":"5.0.16-1~bpo8+1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.0.32-6","latest_non_vulnerable_version":"6.0.32-6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97455?format=json","vulnerability_id":"VCID-118n-pg69-n7fk","summary":"Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1771","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.7079","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70832","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70839","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70822","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70808","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1771"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-118n-pg69-n7fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97421?format=json","vulnerability_id":"VCID-17u4-6a9b-vfg7","summary":"Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17476","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76175","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.762","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76202","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76195","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76184","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76208","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17476"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801","reference_id":"884801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-17476"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17u4-6a9b-vfg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97454?format=json","vulnerability_id":"VCID-29xd-16y4-cufd","summary":"Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1770","reference_id":"","reference_type":"","scores":[{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58424","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58471","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58479","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58457","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58473","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1770"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29xd-16y4-cufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97422?format=json","vulnerability_id":"VCID-2zbp-7f7d-9yax","summary":"In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9324","reference_id":"","reference_type":"","scores":[{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.8051","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80537","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80539","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80536","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80531","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80552","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319","reference_id":"864319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864319"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-9324"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zbp-7f7d-9yax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97431?format=json","vulnerability_id":"VCID-37a6-9nkd-zfe2","summary":"Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19143","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31355","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31424","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3139","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31352","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3132","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31344","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19143"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37a6-9nkd-zfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97418?format=json","vulnerability_id":"VCID-3t8c-btz5-aygz","summary":"Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16664","reference_id":"","reference_type":"","scores":[{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79395","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79422","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79426","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79419","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79409","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0122","scoring_system":"epss","scoring_elements":"0.79428","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370","reference_id":"882370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882370"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16664"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3t8c-btz5-aygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97466?format=json","vulnerability_id":"VCID-48xy-e43e-3uhq","summary":"There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21441","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53179","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.5324","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53248","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.5323","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53204","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53228","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992","reference_id":"989992","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21441"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48xy-e43e-3uhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97429?format=json","vulnerability_id":"VCID-4fub-mh26-8kch","summary":"Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19141","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50538","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.506","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50607","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50587","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50557","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50573","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19141"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19141"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4fub-mh26-8kch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97453?format=json","vulnerability_id":"VCID-5aaf-5d97-g3bg","summary":"In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1769","reference_id":"","reference_type":"","scores":[{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71566","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.7161","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71617","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71578","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71599","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1769"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5aaf-5d97-g3bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53948?format=json","vulnerability_id":"VCID-5jye-2stz-fqam","summary":"Uncontrolled Resource Consumption\nThe jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package \"jquery-validation\". jquery-validation before version 1.19.3 contains one or more regular expressions that is vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21252","reference_id":"","reference_type":"","scores":[{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.71688","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.71704","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.7168","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00667","scoring_system":"epss","scoring_elements":"0.71666","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.72983","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73021","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252"},{"reference_url":"https://github.com/jquery-validation/jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/pull/2371","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/pull/2371"},{"reference_url":"https://jqueryvalidation.org/#installation-via-package-managers","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jqueryvalidation.org/#installation-via-package-managers"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/","reference_id":"","reference_type":"","scores":[],"url":"https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210219-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210219-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210219-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210219-0005/"},{"reference_url":"https://www.npmjs.com/package/jquery-validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/package/jquery-validation"},{"reference_url":"https://www.nuget.org/packages/jquery.validation","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.nuget.org/packages/jquery.validation"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2096941","reference_id":"2096941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2096941"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891","reference_id":"980891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892","reference_id":"980892","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21252","reference_id":"CVE-2021-21252","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21252"},{"reference_url":"https://github.com/advisories/GHSA-jxwx-85vp-gvwm","reference_id":"GHSA-jxwx-85vp-gvwm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxwx-85vp-gvwm"},{"reference_url":"https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm","reference_id":"GHSA-jxwx-85vp-gvwm","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21252","GHSA-jxwx-85vp-gvwm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5jye-2stz-fqam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97442?format=json","vulnerability_id":"VCID-6bmk-u1e6-ybav","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent composes an answer to the original article.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16375","reference_id":"","reference_type":"","scores":[{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.71163","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.71206","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.71212","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.71195","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.7118","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16375"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-16375"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bmk-u1e6-ybav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97457?format=json","vulnerability_id":"VCID-7em4-9csm-pfgz","summary":"An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1773","reference_id":"","reference_type":"","scores":[{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64667","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64708","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64717","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64706","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64696","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64714","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1773"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7em4-9csm-pfgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30634?format=json","vulnerability_id":"VCID-84eq-cq89-9qhm","summary":"Modification of Assumed-Immutable Data (MAID)\nPrototype pollution attack through jQuery $.extend","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"},{"reference_url":"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:1570","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHBA-2019:1570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1456","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2587","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3024","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3024"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11358","reference_id":"","reference_type":"","scores":[{"value":"0.01319","scoring_system":"epss","scoring_elements":"0.80249","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01532","scoring_system":"epss","scoring_elements":"0.81678","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01532","scoring_system":"epss","scoring_elements":"0.81677","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01532","scoring_system":"epss","scoring_elements":"0.81672","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01532","scoring_system":"epss","scoring_elements":"0.81646","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11358"},{"reference_url":"https://backdropcms.org/security/backdrop-sa-core-2019-009","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://backdropcms.org/security/backdrop-sa-core-2019-009"},{"reference_url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released"},{"reference_url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/10","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/10"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/11","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/11"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/13","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/13"},{"reference_url":"https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f"},{"reference_url":"https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829"},{"reference_url":"https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"},{"reference_url":"https://github.com/jquery/jquery/pull/4333","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://github.com/jquery/jquery/pull/4333"},{"reference_url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"},{"reference_url":"https://github.com/maximebf/php-debugbar/issues/447","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/issues/447"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"},{"reference_url":"https://hackerone.com/reports/454365","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://hackerone.com/reports/454365"},{"reference_url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"},{"reference_url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/32","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/Apr/32"},{"reference_url":"https://seclists.org/bugtraq/2019/Jun/12","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/Jun/12"},{"reference_url":"https://seclists.org/bugtraq/2019/May/18","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://seclists.org/bugtraq/2019/May/18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190919-0001","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190919-0001"},{"reference_url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-JQUERY-174006","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://snyk.io/vuln/SNYK-JS-JQUERY-174006"},{"reference_url":"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"},{"reference_url":"https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023"},{"reference_url":"https://www.debian.org/security/2019/dsa-4434","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.debian.org/security/2019/dsa-4434"},{"reference_url":"https://www.debian.org/security/2019/dsa-4460","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.debian.org/security/2019/dsa-4460"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases"},{"reference_url":"https://www.drupal.org/sa-core-2019-006","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.drupal.org/sa-core-2019-006"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_19","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_19"},{"reference_url":"https://www.tenable.com/security/tns-2019-08","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.tenable.com/security/tns-2019-08"},{"reference_url":"https://www.tenable.com/security/tns-2020-02","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.tenable.com/security/tns-2020-02"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/03/2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/06/03/2"},{"reference_url":"http://www.securityfocus.com/bid/108023","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"http://www.securityfocus.com/bid/108023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972","reference_id":"1701972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701972"},{"reference_url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json","reference_id":"496","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/","reference_id":"4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/","reference_id":"5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466","reference_id":"927466","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466"},{"reference_url":"https://security.archlinux.org/ASA-201906-2","reference_id":"ASA-201906-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-2"},{"reference_url":"https://security.archlinux.org/AVG-969","reference_id":"AVG-969","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-969"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358","reference_id":"CVE-2019-11358","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11358"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml","reference_id":"CVE-2019-11358.YML","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt","reference_id":"CVE-2020-7656;CVE-2019-11358","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt"},{"reference_url":"https://github.com/advisories/GHSA-6c3j-c64m-qhgq","reference_id":"GHSA-6c3j-c64m-qhgq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6c3j-c64m-qhgq"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/","reference_id":"KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"},{"reference_url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/","reference_id":"mitigating-cve-2019-11358-in-old-versions-of-jquery","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190919-0001/","reference_id":"ntap-20190919-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190919-0001/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/","reference_id":"QV3PKZC3PQCO3273HAT76PAQZFBEO4KP","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1325","reference_id":"RHSA-2020:1325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3936","reference_id":"RHSA-2020:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4670","reference_id":"RHSA-2020:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5581","reference_id":"RHSA-2020:5581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4142","reference_id":"RHSA-2021:4142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7343","reference_id":"RHSA-2022:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/","reference_id":"RLXRX23725JL366CNZGJZ7AQQB7LHQ6F","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/","reference_id":"WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-11358","GHSA-6c3j-c64m-qhgq"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84eq-cq89-9qhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97468?format=json","vulnerability_id":"VCID-8bqn-wqhd-87da","summary":"Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36091","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32296","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32368","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32337","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.323","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3227","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32292","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-36091"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8bqn-wqhd-87da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97456?format=json","vulnerability_id":"VCID-8wat-51ra-skdf","summary":"It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1772","reference_id":"","reference_type":"","scores":[{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.6397","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63977","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63967","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63955","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63975","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1772"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wat-51ra-skdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97444?format=json","vulnerability_id":"VCID-9fy1-azty-z3f4","summary":"Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18180","reference_id":"","reference_type":"","scores":[{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80308","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80333","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80336","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80332","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80324","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01334","scoring_system":"epss","scoring_elements":"0.80346","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18180"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251","reference_id":"945251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-18180"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fy1-azty-z3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97432?format=json","vulnerability_id":"VCID-9vxt-vwmf-7qf9","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20800","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46034","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46102","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46104","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46083","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46057","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46069","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20800"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-20800"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vxt-vwmf-7qf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97436?format=json","vulnerability_id":"VCID-a1sz-pm39-a7ft","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10067","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59655","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59706","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59709","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.597","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59681","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59699","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10067"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-10067"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1sz-pm39-a7ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97415?format=json","vulnerability_id":"VCID-a5xn-yn1g-kbfb","summary":"In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14635","reference_id":"","reference_type":"","scores":[{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72937","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72974","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72981","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72964","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72951","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72976","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14635"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462","reference_id":"876462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876462"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-14635"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a5xn-yn1g-kbfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97458?format=json","vulnerability_id":"VCID-amad-41hs-1qay","summary":"When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send private key to the third-party instead of public key. This issue affects ((OTRS)) Community Edition: 5.0.42 and prior versions, 6.0.27 and prior versions. OTRS: 7.0.16 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1774","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42294","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42369","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42381","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42354","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4232","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42329","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1774"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448","reference_id":"959448","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1774"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-amad-41hs-1qay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97445?format=json","vulnerability_id":"VCID-cbw1-dcam-fff1","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9751","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61185","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61234","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61241","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6121","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6123","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9751"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-9751"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbw1-dcam-fff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97428?format=json","vulnerability_id":"VCID-cwy4-f5jk-g7f1","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17883","reference_id":"","reference_type":"","scores":[{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75072","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75067","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.7506","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75045","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75034","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75063","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883"},{"reference_url":"https://community.otrs.com/category/release-and-security-notes-en/","reference_id":"release-and-security-notes-en","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/"}],"url":"https://community.otrs.com/category/release-and-security-notes-en/"},{"reference_url":"https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/","reference_id":"security-advisory-2018-06-security-update-for-otrs-framework","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T16:24:58Z/"}],"url":"https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-17883"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cwy4-f5jk-g7f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97467?format=json","vulnerability_id":"VCID-dnfd-spvs-9qbb","summary":"Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21443","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44625","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44694","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44702","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4468","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44648","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44661","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21443"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnfd-spvs-9qbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97427?format=json","vulnerability_id":"VCID-e41t-6ufe-4uhg","summary":"In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16587","reference_id":"","reference_type":"","scores":[{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65897","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65949","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65961","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65947","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65936","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65954","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-16587"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e41t-6ufe-4uhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97437?format=json","vulnerability_id":"VCID-fxxh-51wc-gbb3","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12248","reference_id":"","reference_type":"","scores":[{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72412","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72453","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.7246","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72427","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00701","scoring_system":"epss","scoring_elements":"0.72451","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12248"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxxh-51wc-gbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97435?format=json","vulnerability_id":"VCID-gubp-jzhm-kyh6","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10066","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63701","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63743","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.6375","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63742","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.6373","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63749","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10066"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-10066"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gubp-jzhm-kyh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97419?format=json","vulnerability_id":"VCID-hq3f-5xvu-nybp","summary":"In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16854","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58287","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58335","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58344","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58334","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58319","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58339","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16854"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq3f-5xvu-nybp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97425?format=json","vulnerability_id":"VCID-j7u9-2fdf-yfgs","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14593","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71102","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71144","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71151","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71133","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71119","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-14593"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7u9-2fdf-yfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51650?format=json","vulnerability_id":"VCID-jed8-4cv5-6bcr","summary":"Potential XSS vulnerability in jQuery\n### Impact\nPassing HTML from untrusted sources - even after sanitizing it - to\none of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`,\nand others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround the issue without upgrading, adding the following to\nyour code:\n```js\njQuery.htmlPrefilter = function( html ) {\n  return html;\n};\n```\nYou need to use at least jQuery 1.12/2.2 or newer to be able to\napply this workaround.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\nhttps://jquery.com/upgrade-guide/3.5/\n\n### For more information\nIf you have any questions or comments about this advisory, search\nfor a relevant issue in\n[the jQuery repo](https://github.com/jquery/jquery/issues).\n\nIf you don't find an answer, open a new issue.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11022","reference_id":"","reference_type":"","scores":[{"value":"0.02391","scoring_system":"epss","scoring_elements":"0.85334","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85522","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85498","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85521","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85507","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02456","scoring_system":"epss","scoring_elements":"0.85527","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11022"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662"},{"reference_url":"http://security.netapp.com/advisory/ntap-20200511-0006","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.netapp.com/advisory/ntap-20200511-0006"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"},{"reference_url":"https://github.com/jquery/jquery/releases/tag/3.5.0","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/releases/tag/3.5.0"},{"reference_url":"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"},{"reference_url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"},{"reference_url":"https://github.com/maximebf/php-debugbar/issues/447","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/maximebf/php-debugbar/issues/447"},{"reference_url":"https://jquery.com/upgrade-guide/3.5","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jquery.com/upgrade-guide/3.5"},{"reference_url":"https://jquery.com/upgrade-guide/3.5/","reference_id":"","reference_type":"","scores":[],"url":"https://jquery.com/upgrade-guide/3.5/"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"},{"reference_url":"https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-03","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202007-03"},{"reference_url":"https://www.debian.org/security/2020/dsa-4693","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4693"},{"reference_url":"https://www.drupal.org/sa-core-2020-002","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.drupal.org/sa-core-2020-002"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.tenable.com/security/tns-2020-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2020-10"},{"reference_url":"https://www.tenable.com/security/tns-2020-11","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2020-11"},{"reference_url":"https://www.tenable.com/security/tns-2021-02","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2021-02"},{"reference_url":"https://www.tenable.com/security/tns-2021-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.tenable.com/security/tns-2021-10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406","reference_id":"1828406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt","reference_id":"CVE-2020-11022","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022","reference_id":"CVE-2020-11022","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml","reference_id":"CVE-2020-11022.YML","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml"},{"reference_url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2","reference_id":"GHSA-gxr4-xjj5-5px2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2217","reference_id":"RHSA-2020:2217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2362","reference_id":"RHSA-2020:2362","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2813","reference_id":"RHSA-2020:2813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3247","reference_id":"RHSA-2020:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3807","reference_id":"RHSA-2020:3807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3936","reference_id":"RHSA-2020:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4211","reference_id":"RHSA-2020:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4670","reference_id":"RHSA-2020:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5249","reference_id":"RHSA-2020:5249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0778","reference_id":"RHSA-2021:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6393","reference_id":"RHSA-2022:6393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://usn.ubuntu.com/7246-1/","reference_id":"USN-7246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7246-1/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://usn.ubuntu.com/7658-1/","reference_id":"USN-7658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-11022","GHSA-gxr4-xjj5-5px2"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jed8-4cv5-6bcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97451?format=json","vulnerability_id":"VCID-k6nu-g1bk-dkg7","summary":"Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1767","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68489","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.6853","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68537","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68531","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68515","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68533","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1767"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1767"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6nu-g1bk-dkg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97423?format=json","vulnerability_id":"VCID-kj1x-kn4w-13a1","summary":"An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10198","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.4545","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45519","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45522","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45502","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45477","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.4549","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10198"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10198"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-10198"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kj1x-kn4w-13a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97430?format=json","vulnerability_id":"VCID-n1x5-3apq-yuax","summary":"Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19142","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53049","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5311","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53118","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53099","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53074","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-19142"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1x5-3apq-yuax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97446?format=json","vulnerability_id":"VCID-psbm-u2fr-afgx","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9752","reference_id":"","reference_type":"","scores":[{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.6953","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.6957","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69578","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69568","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69556","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69576","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2019-9752"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psbm-u2fr-afgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97460?format=json","vulnerability_id":"VCID-qabf-7jqg-b3du","summary":"When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1776","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55929","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5592","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55923","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55867","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55916","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55899","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1776"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qabf-7jqg-b3du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97465?format=json","vulnerability_id":"VCID-qd3v-muyf-tkd7","summary":"Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21440","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39236","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39326","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3933","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39274","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593","reference_id":"991593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21440"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd3v-muyf-tkd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97443?format=json","vulnerability_id":"VCID-r7xv-pxng-kfap","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18179","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61163","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61212","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61219","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61205","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61188","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61208","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18179"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251","reference_id":"945251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945251"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-18179"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7xv-pxng-kfap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97426?format=json","vulnerability_id":"VCID-s95j-1s4a-83bp","summary":"In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16586","reference_id":"","reference_type":"","scores":[{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.6935","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.6939","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69398","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69377","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-16586"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s95j-1s4a-83bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97424?format=json","vulnerability_id":"VCID-t86d-v1jx-7kek","summary":"An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11563","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52447","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52469","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53511","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53571","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53579","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53566","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2018-11563"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t86d-v1jx-7kek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97448?format=json","vulnerability_id":"VCID-ug4m-ygza-bqct","summary":"An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9892","reference_id":"","reference_type":"","scores":[{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.63023","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.63067","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.63075","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.63065","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.63052","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.6307","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9892"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-9892"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ug4m-ygza-bqct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97441?format=json","vulnerability_id":"VCID-vjgu-685x-pyff","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13458","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59502","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59493","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59473","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59491","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59912","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.59959","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-13458"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjgu-685x-pyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51649?format=json","vulnerability_id":"VCID-vjrr-h9sh-3bcu","summary":"Potential XSS vulnerability in jQuery\n## Impact\n\nPassing HTML containing `<option>` elements from untrusted sources - even after\nsanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`,\n`.append()`, and others) may execute untrusted code.\n\n## Workarounds\n\nTo workaround this issue without upgrading, use DOMPurify with its\n`SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a\njQuery method.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"},{"reference_url":"http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11023","reference_id":"","reference_type":"","scores":[{"value":"0.34098","scoring_system":"epss","scoring_elements":"0.97077","published_at":"2026-06-09T12:55:00Z"},{"value":"0.3466","scoring_system":"epss","scoring_elements":"0.97103","published_at":"2026-06-08T12:55:00Z"},{"value":"0.3466","scoring_system":"epss","scoring_elements":"0.97098","published_at":"2026-06-04T12:55:00Z"},{"value":"0.3466","scoring_system":"epss","scoring_elements":"0.97101","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11023"},{"reference_url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/jquery/jquery","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery"},{"reference_url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"},{"reference_url":"https://github.com/jquery/jquery/releases/tag/3.5.0","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jquery/jquery/releases/tag/3.5.0"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410"},{"reference_url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440"},{"reference_url":"https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979"},{"reference_url":"https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162"},{"reference_url":"https://jquery.com/upgrade-guide/3.5","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jquery.com/upgrade-guide/3.5"},{"reference_url":"https://jquery.com/upgrade-guide/3.5/","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://jquery.com/upgrade-guide/3.5/"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"},{"reference_url":"https://security.gentoo.org/glsa/202007-03","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://security.gentoo.org/glsa/202007-03"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200511-0006","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200511-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230725-0003","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230725-0003"},{"reference_url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-JQUERY-565129","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://snyk.io/vuln/SNYK-JS-JQUERY-565129"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023"},{"reference_url":"https://www.debian.org/security/2020/dsa-4693","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.debian.org/security/2020/dsa-4693"},{"reference_url":"https://www.drupal.org/sa-core-2020-002","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.drupal.org/sa-core-2020-002"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.tenable.com/security/tns-2021-02","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.tenable.com/security/tns-2021-02"},{"reference_url":"https://www.tenable.com/security/tns-2021-10","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://www.tenable.com/security/tns-2021-10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004","reference_id":"1850004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/","reference_id":"AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt","reference_id":"CVE-2020-11023","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023","reference_id":"CVE-2020-11023","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml","reference_id":"CVE-2020-11023.YML","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml","reference_id":"CVE-2020-23064.YML","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml"},{"reference_url":"https://github.com/advisories/GHSA-jpcq-cgw6-v4j6","reference_id":"GHSA-jpcq-cgw6-v4j6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jpcq-cgw6-v4j6"},{"reference_url":"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6","reference_id":"GHSA-jpcq-cgw6-v4j6","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"},{"reference_url":"https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37","reference_id":"GHSA-jpcq-cgw6-v4j6.json#L20-L37","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200511-0006/","reference_id":"ntap-20200511-0006","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200511-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/","reference_id":"QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2412","reference_id":"RHSA-2020:2412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2813","reference_id":"RHSA-2020:2813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3247","reference_id":"RHSA-2020:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3369","reference_id":"RHSA-2020:3369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3807","reference_id":"RHSA-2020:3807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4211","reference_id":"RHSA-2020:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4298","reference_id":"RHSA-2020:4298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4847","reference_id":"RHSA-2020:4847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5249","reference_id":"RHSA-2020:5249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5412","reference_id":"RHSA-2020:5412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0778","reference_id":"RHSA-2021:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0851","reference_id":"RHSA-2021:0851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0860","reference_id":"RHSA-2021:0860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1846","reference_id":"RHSA-2021:1846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4142","reference_id":"RHSA-2021:4142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6393","reference_id":"RHSA-2022:6393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7343","reference_id":"RHSA-2022:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0552","reference_id":"RHSA-2023:0552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0553","reference_id":"RHSA-2023:0553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0554","reference_id":"RHSA-2023:0554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0556","reference_id":"RHSA-2023:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1070","reference_id":"RHSA-2025:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1185","reference_id":"RHSA-2025:1185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1209","reference_id":"RHSA-2025:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1210","reference_id":"RHSA-2025:1210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1211","reference_id":"RHSA-2025:1211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1212","reference_id":"RHSA-2025:1212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1213","reference_id":"RHSA-2025:1213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1214","reference_id":"RHSA-2025:1214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1215","reference_id":"RHSA-2025:1215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1216","reference_id":"RHSA-2025:1216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1217","reference_id":"RHSA-2025:1217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1247","reference_id":"RHSA-2025:1247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1255","reference_id":"RHSA-2025:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1256","reference_id":"RHSA-2025:1256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1300","reference_id":"RHSA-2025:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1301","reference_id":"RHSA-2025:1301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1301"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1303","reference_id":"RHSA-2025:1303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1304","reference_id":"RHSA-2025:1304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1305","reference_id":"RHSA-2025:1305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1306","reference_id":"RHSA-2025:1306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1308","reference_id":"RHSA-2025:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1309","reference_id":"RHSA-2025:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1310","reference_id":"RHSA-2025:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1311","reference_id":"RHSA-2025:1311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1312","reference_id":"RHSA-2025:1312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1314","reference_id":"RHSA-2025:1314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1315","reference_id":"RHSA-2025:1315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1329","reference_id":"RHSA-2025:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1338","reference_id":"RHSA-2025:1338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1342","reference_id":"RHSA-2025:1342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1346","reference_id":"RHSA-2025:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1514","reference_id":"RHSA-2025:1514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1515","reference_id":"RHSA-2025:1515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1580","reference_id":"RHSA-2025:1580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1601","reference_id":"RHSA-2025:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1983","reference_id":"RHSA-2025:1983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2426","reference_id":"RHSA-2025:2426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2426"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/","reference_id":"SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/","reference_id":"SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"},{"reference_url":"https://usn.ubuntu.com/7246-1/","reference_id":"USN-7246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7246-1/"},{"reference_url":"https://usn.ubuntu.com/7622-1/","reference_id":"USN-7622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7622-1/"},{"reference_url":"https://usn.ubuntu.com/7658-1/","reference_id":"USN-7658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-11023","GHSA-jpcq-cgw6-v4j6"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjrr-h9sh-3bcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97449?format=json","vulnerability_id":"VCID-x6vz-j7gw-2kbq","summary":"An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1765","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70773","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70816","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70823","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70805","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70792","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1765"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6vz-j7gw-2kbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97464?format=json","vulnerability_id":"VCID-xjen-uzab-a7cu","summary":"DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21439","reference_id":"","reference_type":"","scores":[{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57573","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57625","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57633","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57612","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.5763","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992","reference_id":"989992","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2021-21439"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xjen-uzab-a7cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97438?format=json","vulnerability_id":"VCID-xy85-n3rw-6uar","summary":"An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12497","reference_id":"","reference_type":"","scores":[{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69466","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00917","scoring_system":"epss","scoring_elements":"0.76337","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00917","scoring_system":"epss","scoring_elements":"0.7634","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00917","scoring_system":"epss","scoring_elements":"0.76332","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00917","scoring_system":"epss","scoring_elements":"0.76322","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00917","scoring_system":"epss","scoring_elements":"0.76345","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12497"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12497"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xy85-n3rw-6uar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97439?format=json","vulnerability_id":"VCID-yw3f-yrw5-zuhu","summary":"An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12746","reference_id":"","reference_type":"","scores":[{"value":"0.00822","scoring_system":"epss","scoring_elements":"0.74816","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00822","scoring_system":"epss","scoring_elements":"0.74807","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00822","scoring_system":"epss","scoring_elements":"0.74791","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00822","scoring_system":"epss","scoring_elements":"0.74817","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75047","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75077","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2019-12746"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yw3f-yrw5-zuhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97420?format=json","vulnerability_id":"VCID-zjh1-fhd3-mbcb","summary":"In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16921","reference_id":"","reference_type":"","scores":[{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.97049","published_at":"2026-06-04T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.97052","published_at":"2026-06-05T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.97054","published_at":"2026-06-06T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.97056","published_at":"2026-06-08T12:55:00Z"},{"value":"0.33869","scoring_system":"epss","scoring_elements":"0.9706","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774","reference_id":"883774","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883774"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt","reference_id":"CVE-2017-16921","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/perl/webapps/43853.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515604?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/516737?format=json","purl":"pkg:deb/debian/otrs2@6.0.16-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.16-2"}],"aliases":["CVE-2017-16921"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjh1-fhd3-mbcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97450?format=json","vulnerability_id":"VCID-zvje-yu8a-67eh","summary":"Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1766","reference_id":"","reference_type":"","scores":[{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71075","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71117","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71124","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71107","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71093","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71118","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1766"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516738?format=json","purl":"pkg:deb/debian/otrs2@6.0.32-6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6"}],"aliases":["CVE-2020-1766"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvje-yu8a-67eh"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97414?format=json","vulnerability_id":"VCID-6rc9-awnq-sbh3","summary":"Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9139","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.4629","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46357","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46359","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46339","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46312","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46322","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9139"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091","reference_id":"843091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515603?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1"}],"aliases":["CVE-2016-9139"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rc9-awnq-sbh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97416?format=json","vulnerability_id":"VCID-931s-zyss-r3ee","summary":"In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15864","reference_id":"","reference_type":"","scores":[{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66366","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66406","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66415","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66399","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66385","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66403","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15864"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515603?format=json","purl":"pkg:deb/debian/otrs2@5.0.16-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-118n-pg69-n7fk"},{"vulnerability":"VCID-17u4-6a9b-vfg7"},{"vulnerability":"VCID-29xd-16y4-cufd"},{"vulnerability":"VCID-2zbp-7f7d-9yax"},{"vulnerability":"VCID-37a6-9nkd-zfe2"},{"vulnerability":"VCID-3t8c-btz5-aygz"},{"vulnerability":"VCID-48xy-e43e-3uhq"},{"vulnerability":"VCID-4fub-mh26-8kch"},{"vulnerability":"VCID-5aaf-5d97-g3bg"},{"vulnerability":"VCID-5jye-2stz-fqam"},{"vulnerability":"VCID-6bmk-u1e6-ybav"},{"vulnerability":"VCID-7em4-9csm-pfgz"},{"vulnerability":"VCID-84eq-cq89-9qhm"},{"vulnerability":"VCID-8bqn-wqhd-87da"},{"vulnerability":"VCID-8wat-51ra-skdf"},{"vulnerability":"VCID-9fy1-azty-z3f4"},{"vulnerability":"VCID-9vxt-vwmf-7qf9"},{"vulnerability":"VCID-a1sz-pm39-a7ft"},{"vulnerability":"VCID-a5xn-yn1g-kbfb"},{"vulnerability":"VCID-amad-41hs-1qay"},{"vulnerability":"VCID-cbw1-dcam-fff1"},{"vulnerability":"VCID-cwy4-f5jk-g7f1"},{"vulnerability":"VCID-dnfd-spvs-9qbb"},{"vulnerability":"VCID-e41t-6ufe-4uhg"},{"vulnerability":"VCID-fxxh-51wc-gbb3"},{"vulnerability":"VCID-gubp-jzhm-kyh6"},{"vulnerability":"VCID-hq3f-5xvu-nybp"},{"vulnerability":"VCID-j7u9-2fdf-yfgs"},{"vulnerability":"VCID-jed8-4cv5-6bcr"},{"vulnerability":"VCID-k6nu-g1bk-dkg7"},{"vulnerability":"VCID-kj1x-kn4w-13a1"},{"vulnerability":"VCID-n1x5-3apq-yuax"},{"vulnerability":"VCID-psbm-u2fr-afgx"},{"vulnerability":"VCID-qabf-7jqg-b3du"},{"vulnerability":"VCID-qd3v-muyf-tkd7"},{"vulnerability":"VCID-r7xv-pxng-kfap"},{"vulnerability":"VCID-s95j-1s4a-83bp"},{"vulnerability":"VCID-t86d-v1jx-7kek"},{"vulnerability":"VCID-ug4m-ygza-bqct"},{"vulnerability":"VCID-vjgu-685x-pyff"},{"vulnerability":"VCID-vjrr-h9sh-3bcu"},{"vulnerability":"VCID-x6vz-j7gw-2kbq"},{"vulnerability":"VCID-xjen-uzab-a7cu"},{"vulnerability":"VCID-xy85-n3rw-6uar"},{"vulnerability":"VCID-yw3f-yrw5-zuhu"},{"vulnerability":"VCID-zjh1-fhd3-mbcb"},{"vulnerability":"VCID-zvje-yu8a-67eh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1"}],"aliases":["CVE-2017-15864"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-931s-zyss-r3ee"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@5.0.16-1~bpo8%252B1"}