Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2023-41260

HistoryNov 03, 2023 - 5:15 a.m.

CVE-2023-41260

2023-11-0305:15:29

Debian Security Bug Tracker

security-tracker.debian.org

request tracker

information exposure

cve-2023-41260

rest api

mail gateway

unix

6.2 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

27.4%

JSON

Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.

OSVersionArchitecturePackageVersionFilename
Debian12allrequest-tracker4< 4.4.6+dfsg-1.1+deb12u1request-tracker4_4.4.6+dfsg-1.1+deb12u1_all.deb
Debian11allrequest-tracker4< 4.4.4+dfsg-2+deb11u3request-tracker4_4.4.4+dfsg-2+deb11u3_all.deb
Debian10allrequest-tracker4< 4.4.3-2+deb10u3request-tracker4_4.4.3-2+deb10u3_all.deb
Debian999allrequest-tracker4< 4.4.7+dfsg-1request-tracker4_4.4.7+dfsg-1_all.deb
Debian13allrequest-tracker4< 4.4.7+dfsg-1request-tracker4_4.4.7+dfsg-1_all.deb
Debian12allrequest-tracker5< 5.0.3+dfsg-3~deb12u2request-tracker5_5.0.3+dfsg-3~deb12u2_all.deb
Debian999allrequest-tracker5< 5.0.5+dfsg-1request-tracker5_5.0.5+dfsg-1_all.deb
Debian13allrequest-tracker5< 5.0.5+dfsg-1request-tracker5_5.0.5+dfsg-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	request-tracker4	< 4.4.6+dfsg-1.1+deb12u1	request-tracker4_4.4.6+dfsg-1.1+deb12u1_all.deb
Debian	11	all	request-tracker4	< 4.4.4+dfsg-2+deb11u3	request-tracker4_4.4.4+dfsg-2+deb11u3_all.deb
Debian	10	all	request-tracker4	< 4.4.3-2+deb10u3	request-tracker4_4.4.3-2+deb10u3_all.deb
Debian	999	all	request-tracker4	< 4.4.7+dfsg-1	request-tracker4_4.4.7+dfsg-1_all.deb
Debian	13	all	request-tracker4	< 4.4.7+dfsg-1	request-tracker4_4.4.7+dfsg-1_all.deb
Debian	12	all	request-tracker5	< 5.0.3+dfsg-3~deb12u2	request-tracker5_5.0.3+dfsg-3~deb12u2_all.deb
Debian	999	all	request-tracker5	< 5.0.5+dfsg-1	request-tracker5_5.0.5+dfsg-1_all.deb
Debian	13	all	request-tracker5	< 5.0.5+dfsg-1	request-tracker5_5.0.5+dfsg-1_all.deb