{"id":"DSA-1944-1","summary":"request-tracker3.4 request-tracker3.6 - session hijack vulnerability","modified":"2026-03-09T01:17:23.889609376Z","published":"2009-12-03T00:00:00Z","upstream":["CVE-2009-3585","CVE-2009-4151","DEBIAN-CVE-2009-3585","DEBIAN-CVE-2009-4151"],"affected":[{"package":{"name":"request-tracker3.6","ecosystem":"Debian:4.0","purl":"pkg:deb/debian/request-tracker3.6?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.1-4+etch1"}]}],"versions":["3.6.1-4"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-1944-1.json"}},{"package":{"name":"request-tracker3.4","ecosystem":"Debian:4.0","purl":"pkg:deb/debian/request-tracker3.4?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.5-2+etch1"}]}],"versions":["3.4.5-2"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-1944-1.json"}},{"package":{"name":"request-tracker3.6","ecosystem":"Debian:5.0","purl":"pkg:deb/debian/request-tracker3.6?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.7-5+lenny3"}]}],"versions":["3.6.7-5","3.6.7-5+lenny1","3.6.7-5+lenny2"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-1944-1.json"}}],"schema_version":"1.7.3"}