Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25802 | 1 Bestpractical | 1 Request Tracker | 2024-02-04 | N/A | 6.1 MEDIUM |
| Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. | |||||
| CVE-2021-38562 | 2 Bestpractical, Fedoraproject | 2 Request Tracker, Fedora | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm. | |||||
| CVE-2018-18898 | 2 Bestpractical, Fedoraproject | 2 Request Tracker, Fedora | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | |||||