| Bug | bookworm | trixie | sid | Description |
|---|
| TEMP-0000000-4578D8 | vulnerable (no DSA) | fixed | fixed | znuny: Missing HTTP headers for attachments |
| CVE-2025-43926 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. ... |
| CVE-2025-26847 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny before 7.1.5. When generating a suppo ... |
| CVE-2025-26846 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny before 7.1.4. Permissions are not che ... |
| CVE-2025-26845 | vulnerable (no DSA) | fixed | fixed | An Eval Injection issue was discovered in Znuny through 7.1.3. A user ... |
| CVE-2025-26844 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny through 7.1.3. A cookie is set withou ... |
| CVE-2025-26842 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny through 7.1.3. If access to a ticket ... |
| CVE-2025-3573 | vulnerable (no DSA) | vulnerable | vulnerable | Versions of the package jquery-validation before 1.20.0 are vulnerable ... |
| CVE-2024-48938 | vulnerable (no DSA) | fixed | fixed | Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows ... |
| CVE-2024-48937 | vulnerable (no DSA) | fixed | fixed | Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows ... |
| CVE-2024-32493 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0 ... |
| CVE-2024-32491 | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 an ... |
| CVE-2023-38060 | vulnerable (no DSA) | fixed | fixed | Improper Input Validation vulnerability in the ContentType parameter f ... |