cvelist/2019/15xxx/CVE-2019-15011.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "DATE_PUBLIC": "2019-12-17T00:00:00",
        "ID": "CVE-2019-15011",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Application Links",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "5.0.12",
                                            "version_affected": "<"
                                        },
                                        {
                                            "version_value": "5.1.0",
                                            "version_affected": ">="
                                        },
                                        {
                                            "version_value": "5.2.11",
                                            "version_affected": "<"
                                        },
                                        {
                                            "version_value": "5.3.0",
                                            "version_affected": ">="
                                        },
                                        {
                                            "version_value": "5.3.7",
                                            "version_affected": "<"
                                        },
                                        {
                                            "version_value": "5.4.0",
                                            "version_affected": ">="
                                        },
                                        {
                                            "version_value": "5.4.13",
                                            "version_affected": "<"
                                        },
                                        {
                                            "version_value": "6.0.0",
                                            "version_affected": ">="
                                        },
                                        {
                                            "version_value": "6.0.5",
                                            "version_affected": "<"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Atlassian"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Information Exposure"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "url": "https://ecosystem.atlassian.net/browse/APL-1386",
                "refsource": "MISC",
                "name": "https://ecosystem.atlassian.net/browse/APL-1386"
            }
        ]
    }
}
Add CVE-2017-18107 CVE-2019-15011 2019-12-17 14:39:37 +11:00			`{`
"-Synchronized-Data." 2019-12-17 04:01:06 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "security@atlassian.com",`
			`"DATE_PUBLIC": "2019-12-17T00:00:00",`
			`"ID": "CVE-2019-15011",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Application Links",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "5.0.12",`
			`"version_affected": "<"`
			`},`
			`{`
			`"version_value": "5.1.0",`
			`"version_affected": ">="`
			`},`
			`{`
			`"version_value": "5.2.11",`
			`"version_affected": "<"`
			`},`
			`{`
			`"version_value": "5.3.0",`
			`"version_affected": ">="`
			`},`
			`{`
			`"version_value": "5.3.7",`
			`"version_affected": "<"`
			`},`
			`{`
			`"version_value": "5.4.0",`
			`"version_affected": ">="`
			`},`
			`{`
			`"version_value": "5.4.13",`
			`"version_affected": "<"`
			`},`
			`{`
			`"version_value": "6.0.0",`
			`"version_affected": ">="`
			`},`
			`{`
			`"version_value": "6.0.5",`
			`"version_affected": "<"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Atlassian"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
Add CVE-2017-18107 CVE-2019-15011 2019-12-17 14:39:37 +11:00			`{`
"-Synchronized-Data." 2019-12-17 04:01:06 +00:00			`"lang": "eng",`
			`"value": "The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check."`
Add CVE-2017-18107 CVE-2019-15011 2019-12-17 14:39:37 +11:00			`}`
"-Synchronized-Data." 2019-12-17 04:01:06 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Information Exposure"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://ecosystem.atlassian.net/browse/APL-1386",`
			`"refsource": "MISC",`
			`"name": "https://ecosystem.atlassian.net/browse/APL-1386"`
			`}`
			`]`
			`}`
CVEs for Bitbucket advisory 2020-01-15 10:31:54 -08:00			`}`