Information on source package otrs2

Available versions

ReleaseVersion
jessie (security)3.3.18-1+deb8u4
stretch/non-free (security)5.0.16-1+deb9u5
buster/non-free6.0.10-1
sid/non-free6.0.10-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-14593vulnerablevulnerablefixedfixedAn issue was discovered in Open Ticket Request System (OTRS) 6.0.x ...
CVE-2016-9139vulnerable (no DSA, ignored)fixedfixedfixedCross-site scripting (XSS) vulnerability in Open Ticket Request System ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2018-7567vulnerablevulnerablevulnerablevulnerable** DISPUTED ** In the Admin Package Manager in Open Ticket Request ...

Resolved issues

BugDescription
CVE-2018-10198An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is ...
CVE-2017-9324In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through ...
CVE-2017-17476Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before ...
CVE-2017-16921In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including ...
CVE-2017-16854In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, ...
CVE-2017-16664Code injection exists in Kernel/System/Spelling.pm in Open Ticket ...
CVE-2017-15864In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x ...
CVE-2017-14635In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...
CVE-2014-9324The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x ...
CVE-2014-2554OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 ...
CVE-2014-2553Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2014-1695Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2014-1694Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...
CVE-2014-1471SQL injection vulnerability in the StateGetStatesByType function in ...
CVE-2013-4717SQL injection
CVE-2013-4088Information Disclosure
CVE-2013-3551
CVE-2013-2625
CVE-2012-4751Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2012-4600Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2012-2582Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2011-2746Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in ...
CVE-2011-2385The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in ...
CVE-2011-1518Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2011-1433The (1) AgentInterface and (2) CustomerInterface components in Open ...
CVE-2011-0456webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier ...
CVE-2010-4768Open Ticket Request System (OTRS) before 2.3.5 does not properly ...
CVE-2010-4767Open Ticket Request System (OTRS) before 2.3.6 does not properly ...
CVE-2010-4766The AgentTicketForward feature in Open Ticket Request System (OTRS) ...
CVE-2010-4765Race condition in the Kernel::System::Main::FileWrite method in Open ...
CVE-2010-4764Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, ...
CVE-2010-4763The ACL-customer-status Ticket Type setting in Open Ticket Request ...
CVE-2010-4762Cross-site scripting (XSS) vulnerability in the rich-text-editor ...
CVE-2010-4761The customer-interface ticket-print dialog in Open Ticket Request ...
CVE-2010-4760Open Ticket Request System (OTRS) before 3.0.0-beta6 adds ...
CVE-2010-4759Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...
CVE-2010-4758installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...
CVE-2010-4071Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS ...
CVE-2010-3476Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...
CVE-2010-2080Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2010-0438Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in ...
CVE-2009-5057The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...
CVE-2009-5056Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly ...
CVE-2009-5055Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on ...
CVE-2008-7283Open Ticket Request System (OTRS) before 2.2.6, when customer group ...
CVE-2008-7282Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open ...
CVE-2008-7281Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...
CVE-2008-7280Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket ...
CVE-2008-7279The CustomerInterface component in Open Ticket Request System (OTRS) ...
CVE-2008-7278The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...
CVE-2008-7277Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...
CVE-2008-7276Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...
CVE-2008-7275Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework ...
CVE-2008-1515The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 ...
CVE-2007-2524Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket ...
CVE-2007-2383The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...

Security announcements

DSA / DLADescription
DSA-4069-1otrs2 - security update
DSA-4069-1otrs2 - security update
DLA-1215-1otrs2 - security update
DLA-1212-1otrs2 - security update
DSA-4066-1otrs2 - security update
DSA-4066-1otrs2 - security update
DSA-4047-1otrs2 - security update
DSA-4047-1otrs2 - security update
DSA-4021-1otrs2 - security update
DSA-4021-1otrs2 - security update
DLA-1119-1otrs2 - security update
DSA-3876-1otrs2 - security update
DLA-787-1otrs2 - security update
DSA-3124-1otrs2 - security update
DSA-2867-1otrs2 - several
DSA-2867-1otrs2 - several
DSA-2733-1otrs2 - SQL injection
DSA-2733-1otrs2 - SQL injection
DSA-2712-1otrs2 - privilege escalation
DSA-2696-1otrs2 - privilege escalation
DSA-2536-1otrs2 - cross-site scripting
DSA-2231-1otrs2 - cross-site scripting
DSA-1993-1otrs2 - SQL injection
DSA-1298-1otrs2

Search for package or bug name: Reporting problems