Information on source package znuny

Available versions

Bug	bookworm	trixie	sid	Description
TEMP-0000000-4578D8	vulnerable (no DSA)	fixed	fixed	znuny: Missing HTTP headers for attachments
CVE-2025-26846	vulnerable (no DSA)	fixed	fixed	znuny: Wrong permissions check in the generic interface
CVE-2025-26845	vulnerable (no DSA)	fixed	fixed	znuny: privilege escalation in backup script
CVE-2025-26844	vulnerable (no DSA)	fixed	fixed	znuny: HTTP Cookie not set correctly
CVE-2025-26842	vulnerable (no DSA)	fixed	fixed	znuny: Information disclosure of S/MIME encrypted emails
CVE-2024-48938	vulnerable (no DSA)	fixed	fixed	Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows ...
CVE-2024-48937	vulnerable (no DSA)	fixed	fixed	Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows ...
CVE-2024-32493	vulnerable (no DSA)	fixed	fixed	An issue was discovered in Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0 ...
CVE-2024-32491	vulnerable (no DSA)	fixed	fixed	An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 an ...
CVE-2023-38060	vulnerable (no DSA)	fixed	fixed	Improper Input Validation vulnerability in the ContentType parameter f ...

Bug	Description
CVE-2024-32492	An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket ...
CVE-2022-4427	Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTR ...
CVE-2021-36100	Specially crafted string in OTRS system configuration can allow the ex ...
CVE-2021-21443	Agents are able to list customer user emails without required permissi ...
CVE-2021-21441	There is a XSS vulnerability in the ticket overview screens. It's poss ...
CVE-2021-21440	Generated Support Bundles contains private S/MIME and PGP keys if cont ...
CVE-2021-21439	DoS attack can be performed when an email contains specially designed ...