25 matches found
UBUNTU-CVE-2025-61873
Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...
CVE-2023-45024
Best Practical Request Tracker RT 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder...
EUVD-2022-30443
Malicious code in bioql PyPI...
EUVD-2022-30442
Malicious code in bioql PyPI...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2022-25803
Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search...
CVE-2023-41260
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41260
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2023-45024
Best Practical Request Tracker RT 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder...
CVE-2023-41260
CVE-2023-41260 affects Best Practical Request Tracker (RT) prior to 4.4.7 and RT 5.x prior to 5.0.5, enabling information exposure in responses to mail-gateway REST API calls. Public references indicate fixes in RT 4.4.7 and RT 5.0.5, with Debian LTS patching RT 4.4.3-2+deb10u3. No exploitation d...
CVE-2023-45024
CVE-2023-45024 affects Best Practical Request Tracker (RT) 5.x, with information disclosure via a transaction search in the transaction query builder. The vulnerability is associated with RT versions before 5.0.5, as cited in multiple sources (NVD entry for CVE-2023-45024 and related advisories)....
CVE-2023-41259
Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...
CVE-2022-25803
Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search...
CVE-2022-25802
Best Practical Request Tracker RT before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment...
Debian DLA-3057-1 : request-tracker4 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3057 advisory. - Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against...
CVE-2021-38562
Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm...
CVE-2021-38562
Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm...